cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #11219 from Erethon/devel

Browse source 
ansible-pull: Add option to verify gpg signature of a commit
This commit is contained in:
Brian Coca 2015-06-10 10:24:21 -04:00
commit 09e1d3abf0
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/ansible/cli/pull.py
View file

@ -70,7 +70,9 @@ class PullCLI(CLI):
help='adds the hostkey for the repo url if not already added') help='adds the hostkey for the repo url if not already added')
self.parser.add_option('-m', '--module-name', dest='module_name', default=self.DEFAULT_REPO_TYPE, self.parser.add_option('-m', '--module-name', dest='module_name', default=self.DEFAULT_REPO_TYPE,
help='Repository module name, which ansible will use to check out the repo. Default is %s.' % self.DEFAULT_REPO_TYPE) help='Repository module name, which ansible will use to check out the repo. Default is %s.' % self.DEFAULT_REPO_TYPE)
self.parser.add_option('--verify-commit', dest='verify', default=False, action='store_true',
help='verify GPG signature of checked out commit, if it fails abort running the playbook.'
' This needs the corresponding VCS module to support such an operation')
self.options, self.args = self.parser.parse_args() self.options, self.args = self.parser.parse_args()
@ -127,6 +129,9 @@ class PullCLI(CLI):
if self.options.private_key_file: if self.options.private_key_file:
repo_opts += ' key_file=%s' % self.options.private_key_file repo_opts += ' key_file=%s' % self.options.private_key_file
if self.options.verify:
repo_opts += ' verify_commit=yes'
path = module_loader.find_plugin(self.options.module_name) path = module_loader.find_plugin(self.options.module_name)
if path is None: if path is None:
raise AnsibleOptionsError(("module '%s' not found.\n" % self.options.module_name)) raise AnsibleOptionsError(("module '%s' not found.\n" % self.options.module_name))