Fixes #4108 Add sshopts and keyfile parameters to the git module

This commit is contained in:
James Tanner 2014-01-23 16:22:43 -05:00
parent de6afab8dc
commit 07f9733e96

View file

@ -49,6 +49,21 @@ options:
version_added: "1.5" version_added: "1.5"
description: description:
- Add the hostkey for the repo url if not already added. - Add the hostkey for the repo url if not already added.
sshopts:
required: false
default: None
version_added: "1.5"
description:
- Creates a wrapper script and exports the path as GIT_SSH
which git then automatically uses to override ssh arguments.
An example value could be "-o StrictHostKeyChecking=no"
keyfile:
requird: false
default: None
version_added: "1.5"
description:
- Uses the same wrapper method as sshopts to pass
"-i <keyfile>" to the ssh arguments used by git
reference: reference:
required: false required: false
default: null default: null
@ -124,6 +139,45 @@ EXAMPLES = '''
import re import re
import tempfile import tempfile
def write_ssh_wrapper():
fh = tempfile.NamedTemporaryFile(delete=False)
wrapper_path = fh.name
template = """#!/bin/sh
if [ -z "$GIT_SSH_OPTS" ]; then
BASEOPTS=""
else
BASEOPTS=$GIT_SSH_OPTS
fi
if [ -z "$GIT_KEY" ]; then
ssh $BASEOPTS "$@"
else
ssh -i "$GIT_KEY" $BASEOPTS "$@"
fi
"""
fh.write(template)
fh.close()
st = os.stat(wrapper_path)
os.chmod(wrapper_path, st.st_mode | stat.S_IEXEC)
return wrapper_path
def set_git_ssh(ssh_wrapper, key_file, ssh_opts):
if os.environ.get("GIT_SSH"):
del os.environ["GIT_SSH"]
os.environ["GIT_SSH"] = ssh_wrapper
if os.environ.get("GIT_KEY"):
del os.environ["GIT_KEY"]
if key_file:
os.environ["GIT_KEY"] = key_file
if os.environ.get("GIT_SSH_OPTS"):
del os.environ["GIT_SSH_OPTS"]
if ssh_opts:
os.environ["GIT_SSH_OPTS"] = ssh_opts
def get_version(git_path, dest, ref="HEAD"): def get_version(git_path, dest, ref="HEAD"):
''' samples the version of the git repo ''' ''' samples the version of the git repo '''
@ -199,7 +253,7 @@ def get_remote_head(git_path, module, dest, version, remote, bare):
# appears to be a sha1. return as-is since it appears # appears to be a sha1. return as-is since it appears
# cannot check for a specific sha1 on remote # cannot check for a specific sha1 on remote
return version return version
(rc, out, err) = module.run_command(cmd, check_rc=True) (rc, out, err) = module.run_command(cmd, check_rc=True )
if len(out) < 1: if len(out) < 1:
module.fail_json(msg="Could not determine remote revision for %s" % version) module.fail_json(msg="Could not determine remote revision for %s" % version)
rev = out.split()[0] rev = out.split()[0]
@ -360,6 +414,8 @@ def main():
depth=dict(default=None, type='int'), depth=dict(default=None, type='int'),
update=dict(default='yes', type='bool'), update=dict(default='yes', type='bool'),
accept_hostkey=dict(default='no', type='bool'), accept_hostkey=dict(default='no', type='bool'),
keyfile=dict(default=None, required=False),
sshopts=dict(default=None, required=False),
executable=dict(default=None), executable=dict(default=None),
bare=dict(default='no', type='bool'), bare=dict(default='no', type='bool'),
), ),
@ -376,6 +432,17 @@ def main():
bare = module.params['bare'] bare = module.params['bare']
reference = module.params['reference'] reference = module.params['reference']
git_path = module.params['executable'] or module.get_bin_path('git', True) git_path = module.params['executable'] or module.get_bin_path('git', True)
key_file = module.params['keyfile']
ssh_opts = module.params['sshopts']
# create a wrapper script and export
# GIT_SSH=<path> as an environment variable
# for git to use the wrapper script
ssh_wrapper = None
if key_file or ssh_opts:
ssh_wrapper = write_ssh_wrapper()
set_git_ssh(ssh_wrapper, key_file, ssh_opts)
# add the git repo's hostkey # add the git repo's hostkey
#if module.params['accept_hostkey']: #if module.params['accept_hostkey']:
@ -438,6 +505,10 @@ def main():
if before != after or local_mods: if before != after or local_mods:
changed = True changed = True
# cleanup the wrapper script
if ssh_wrapper:
os.remove(ssh_wrapper)
module.exit_json(changed=changed, before=before, after=after) module.exit_json(changed=changed, before=before, after=after)
# import module snippets # import module snippets