optionally supports waiting for the password to be available
This commit is contained in:
parent
110388be11
commit
1286364498
1 changed files with 53 additions and 6 deletions
|
@ -15,7 +15,7 @@ options:
|
||||||
required: true
|
required: true
|
||||||
key_file:
|
key_file:
|
||||||
description:
|
description:
|
||||||
- path to the file containing the key pair used on the instance
|
- Path to the file containing the key pair used on the instance.
|
||||||
required: true
|
required: true
|
||||||
key_passphrase:
|
key_passphrase:
|
||||||
version_added: "2.0"
|
version_added: "2.0"
|
||||||
|
@ -28,6 +28,18 @@ options:
|
||||||
required: false
|
required: false
|
||||||
default: null
|
default: null
|
||||||
aliases: [ 'aws_region', 'ec2_region' ]
|
aliases: [ 'aws_region', 'ec2_region' ]
|
||||||
|
wait:
|
||||||
|
version_added: "2.0"
|
||||||
|
description:
|
||||||
|
- Whether or not to wait for the password to be available before returning.
|
||||||
|
required: false
|
||||||
|
default: "no"
|
||||||
|
choices: [ "yes", "no" ]
|
||||||
|
wait_timeout:
|
||||||
|
version_added: "2.0"
|
||||||
|
description:
|
||||||
|
- Number of seconds to wait before giving up.
|
||||||
|
default: 120
|
||||||
|
|
||||||
extends_documentation_fragment: aws
|
extends_documentation_fragment: aws
|
||||||
'''
|
'''
|
||||||
|
@ -51,12 +63,24 @@ tasks:
|
||||||
region: us-east-1
|
region: us-east-1
|
||||||
key_file: "~/aws-creds/my_protected_test_key.pem"
|
key_file: "~/aws-creds/my_protected_test_key.pem"
|
||||||
key_passphrase: "secret"
|
key_passphrase: "secret"
|
||||||
|
|
||||||
|
# Example of waiting for a password
|
||||||
|
tasks:
|
||||||
|
- name: get the Administrator password
|
||||||
|
ec2_win_password:
|
||||||
|
profile: my-boto-profile
|
||||||
|
instance_id: i-XXXXXX
|
||||||
|
region: us-east-1
|
||||||
|
key_file: "~/aws-creds/my_test_key.pem"
|
||||||
|
wait: yes
|
||||||
|
wait_timeout: 45
|
||||||
'''
|
'''
|
||||||
|
|
||||||
from base64 import b64decode
|
from base64 import b64decode
|
||||||
from os.path import expanduser
|
from os.path import expanduser
|
||||||
from Crypto.Cipher import PKCS1_v1_5
|
from Crypto.Cipher import PKCS1_v1_5
|
||||||
from Crypto.PublicKey import RSA
|
from Crypto.PublicKey import RSA
|
||||||
|
import datetime
|
||||||
|
|
||||||
try:
|
try:
|
||||||
import boto.ec2
|
import boto.ec2
|
||||||
|
@ -70,6 +94,8 @@ def main():
|
||||||
instance_id = dict(required=True),
|
instance_id = dict(required=True),
|
||||||
key_file = dict(required=True),
|
key_file = dict(required=True),
|
||||||
key_passphrase = dict(default=None),
|
key_passphrase = dict(default=None),
|
||||||
|
wait = dict(type='bool', default=False),
|
||||||
|
wait_timeout = dict(default=120),
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
module = AnsibleModule(argument_spec=argument_spec)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
@ -80,11 +106,28 @@ def main():
|
||||||
instance_id = module.params.get('instance_id')
|
instance_id = module.params.get('instance_id')
|
||||||
key_file = expanduser(module.params.get('key_file'))
|
key_file = expanduser(module.params.get('key_file'))
|
||||||
key_passphrase = module.params.get('key_passphrase')
|
key_passphrase = module.params.get('key_passphrase')
|
||||||
|
wait = module.params.get('wait')
|
||||||
|
wait_timeout = int(module.params.get('wait_timeout'))
|
||||||
|
|
||||||
ec2 = ec2_connect(module)
|
ec2 = ec2_connect(module)
|
||||||
|
|
||||||
|
if wait:
|
||||||
|
start = datetime.datetime.now()
|
||||||
|
end = start + datetime.timedelta(seconds=wait_timeout)
|
||||||
|
|
||||||
|
while datetime.datetime.now() < end:
|
||||||
data = ec2.get_password_data(instance_id)
|
data = ec2.get_password_data(instance_id)
|
||||||
decoded = b64decode(data)
|
decoded = b64decode(data)
|
||||||
|
if wait and not decoded:
|
||||||
|
time.sleep(5)
|
||||||
|
else:
|
||||||
|
break
|
||||||
|
else:
|
||||||
|
data = ec2.get_password_data(instance_id)
|
||||||
|
decoded = b64decode(data)
|
||||||
|
|
||||||
|
if wait and datetime.datetime.now() >= end:
|
||||||
|
module.fail_json(msg = "wait for password timeout after %d seconds" % wait_timeout)
|
||||||
|
|
||||||
f = open(key_file, 'r')
|
f = open(key_file, 'r')
|
||||||
key = RSA.importKey(f.read(), key_passphrase)
|
key = RSA.importKey(f.read(), key_passphrase)
|
||||||
|
@ -98,6 +141,10 @@ def main():
|
||||||
|
|
||||||
if decrypted == None:
|
if decrypted == None:
|
||||||
module.exit_json(win_password='', changed=False)
|
module.exit_json(win_password='', changed=False)
|
||||||
|
else:
|
||||||
|
if wait:
|
||||||
|
elapsed = datetime.datetime.now() - start
|
||||||
|
module.exit_json(win_password=decrypted, changed=True, elapsed=elapsed.seconds)
|
||||||
else:
|
else:
|
||||||
module.exit_json(win_password=decrypted, changed=True)
|
module.exit_json(win_password=decrypted, changed=True)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue