module and vault fixes (#29663)
* module and vault fixes - fix module_path cli option and usage, which fixes #29653 - move --output to be in subset of vault cli, no need for all vault enabled cli to use it - added debug to loader to see directories added
This commit is contained in:
parent
88aa0b7645
commit
2165bac212
4 changed files with 21 additions and 16 deletions
|
@ -385,12 +385,16 @@ class CLI(with_metaclass(ABCMeta, object)):
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def unfrack_paths(option, opt, value, parser):
|
def unfrack_paths(option, opt, value, parser):
|
||||||
paths = getattr(parser.values, option.dest)
|
paths = getattr(parser.values, option.dest)
|
||||||
|
if paths is None:
|
||||||
|
paths = []
|
||||||
|
|
||||||
if isinstance(value, string_types):
|
if isinstance(value, string_types):
|
||||||
paths[:0] = [unfrackpath(x) for x in value.split(os.pathsep)]
|
paths[:0] = [unfrackpath(x) for x in value.split(os.pathsep) if x]
|
||||||
elif isinstance(value, list):
|
elif isinstance(value, list):
|
||||||
paths[:0] = [unfrackpath(x) for x in value]
|
paths[:0] = [unfrackpath(x) for x in value if x]
|
||||||
else:
|
else:
|
||||||
pass # FIXME: should we raise options error?
|
pass # FIXME: should we raise options error?
|
||||||
|
|
||||||
setattr(parser.values, option.dest, paths)
|
setattr(parser.values, option.dest, paths)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
@ -419,8 +423,8 @@ class CLI(with_metaclass(ABCMeta, object)):
|
||||||
|
|
||||||
if module_opts:
|
if module_opts:
|
||||||
parser.add_option('-M', '--module-path', dest='module_path', default=None,
|
parser.add_option('-M', '--module-path', dest='module_path', default=None,
|
||||||
help="prepend path(s) to module library (default=%s)" % C.DEFAULT_MODULE_PATH,
|
help="prepend colon-separated path(s) to module library (default=%s)" % C.DEFAULT_MODULE_PATH,
|
||||||
action="callback", callback=CLI.unfrack_path, type='str')
|
action="callback", callback=CLI.unfrack_paths, type='str')
|
||||||
if runtask_opts:
|
if runtask_opts:
|
||||||
parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append",
|
parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append",
|
||||||
help="set additional variables as key=value or YAML/JSON, if filename prepend with @", default=[])
|
help="set additional variables as key=value or YAML/JSON, if filename prepend with @", default=[])
|
||||||
|
@ -436,9 +440,6 @@ class CLI(with_metaclass(ABCMeta, object)):
|
||||||
help="vault password file", action="callback", callback=CLI.unfrack_paths, type='string')
|
help="vault password file", action="callback", callback=CLI.unfrack_paths, type='string')
|
||||||
parser.add_option('--new-vault-password-file', default=[], dest='new_vault_password_files',
|
parser.add_option('--new-vault-password-file', default=[], dest='new_vault_password_files',
|
||||||
help="new vault password file for rekey", action="callback", callback=CLI.unfrack_paths, type='string')
|
help="new vault password file for rekey", action="callback", callback=CLI.unfrack_paths, type='string')
|
||||||
parser.add_option('--output', default=None, dest='output_file',
|
|
||||||
help='output file name for encrypt or decrypt; use - for stdout',
|
|
||||||
action="callback", callback=CLI.unfrack_path, type='string'),
|
|
||||||
parser.add_option('--vault-id', default=[], dest='vault_ids', action='append', type='string',
|
parser.add_option('--vault-id', default=[], dest='vault_ids', action='append', type='string',
|
||||||
help='the vault identity to use')
|
help='the vault identity to use')
|
||||||
parser.add_option('--new-vault-id', default=None, dest='new_vault_id', type='string',
|
parser.add_option('--new-vault-id', default=None, dest='new_vault_id', type='string',
|
||||||
|
|
|
@ -66,12 +66,20 @@ class VaultCLI(CLI):
|
||||||
self.new_encrypt_secret = None
|
self.new_encrypt_secret = None
|
||||||
self.new_encrypt_vault_id = None
|
self.new_encrypt_vault_id = None
|
||||||
|
|
||||||
|
self.can_output = ['encrypt', 'decrypt', 'encrypt_string']
|
||||||
|
|
||||||
super(VaultCLI, self).__init__(args)
|
super(VaultCLI, self).__init__(args)
|
||||||
|
|
||||||
def set_action(self):
|
def set_action(self):
|
||||||
|
|
||||||
super(VaultCLI, self).set_action()
|
super(VaultCLI, self).set_action()
|
||||||
|
|
||||||
|
# add output if needed
|
||||||
|
if self.action in self.can_output:
|
||||||
|
self.parser.add_option('--output', default=None, dest='output_file',
|
||||||
|
help='output file name for encrypt or decrypt; use - for stdout',
|
||||||
|
action="callback", callback=CLI.unfrack_path, type='string')
|
||||||
|
|
||||||
# options specific to self.actions
|
# options specific to self.actions
|
||||||
if self.action == "create":
|
if self.action == "create":
|
||||||
self.parser.set_usage("usage: %prog create [options] file_name")
|
self.parser.set_usage("usage: %prog create [options] file_name")
|
||||||
|
@ -113,16 +121,12 @@ class VaultCLI(CLI):
|
||||||
|
|
||||||
display.verbosity = self.options.verbosity
|
display.verbosity = self.options.verbosity
|
||||||
|
|
||||||
can_output = ['encrypt', 'decrypt', 'encrypt_string']
|
|
||||||
|
|
||||||
if self.options.vault_ids:
|
if self.options.vault_ids:
|
||||||
for vault_id in self.options.vault_ids:
|
for vault_id in self.options.vault_ids:
|
||||||
if u';' in vault_id:
|
if u';' in vault_id:
|
||||||
raise AnsibleOptionsError("'%s' is not a valid vault id. The character ';' is not allowed in vault ids" % vault_id)
|
raise AnsibleOptionsError("'%s' is not a valid vault id. The character ';' is not allowed in vault ids" % vault_id)
|
||||||
|
|
||||||
if self.action not in can_output:
|
if self.action not in self.can_output:
|
||||||
if self.options.output_file:
|
|
||||||
raise AnsibleOptionsError("The --output option can be used only with ansible-vault %s" % '/'.join(can_output))
|
|
||||||
if len(self.args) == 0:
|
if len(self.args) == 0:
|
||||||
raise AnsibleOptionsError("Vault requires at least one filename as a parameter")
|
raise AnsibleOptionsError("Vault requires at least one filename as a parameter")
|
||||||
else:
|
else:
|
||||||
|
@ -138,8 +142,7 @@ class VaultCLI(CLI):
|
||||||
if '-' in self.args or len(self.args) == 0 or self.options.encrypt_string_stdin_name:
|
if '-' in self.args or len(self.args) == 0 or self.options.encrypt_string_stdin_name:
|
||||||
self.encrypt_string_read_stdin = True
|
self.encrypt_string_read_stdin = True
|
||||||
|
|
||||||
# TODO: prompting from stdin and reading from stdin seem
|
# TODO: prompting from stdin and reading from stdin seem mutually exclusive, but verify that.
|
||||||
# mutually exclusive, but verify that.
|
|
||||||
if self.options.encrypt_string_prompt and self.encrypt_string_read_stdin:
|
if self.options.encrypt_string_prompt and self.encrypt_string_read_stdin:
|
||||||
raise AnsibleOptionsError('The --prompt option is not supported if also reading input from stdin')
|
raise AnsibleOptionsError('The --prompt option is not supported if also reading input from stdin')
|
||||||
|
|
||||||
|
|
|
@ -84,9 +84,9 @@ class TaskQueueManager:
|
||||||
self._start_at_done = False
|
self._start_at_done = False
|
||||||
|
|
||||||
# make sure any module paths (if specified) are added to the module_loader
|
# make sure any module paths (if specified) are added to the module_loader
|
||||||
if isinstance(options.module_path, list):
|
if options.module_path:
|
||||||
for path in options.module_path:
|
for path in options.module_path:
|
||||||
if path is not None:
|
if path:
|
||||||
module_loader.add_directory(path)
|
module_loader.add_directory(path)
|
||||||
|
|
||||||
# a special flag to help us exit cleanly
|
# a special flag to help us exit cleanly
|
||||||
|
|
|
@ -229,6 +229,7 @@ class PluginLoader:
|
||||||
# append the directory and invalidate the path cache
|
# append the directory and invalidate the path cache
|
||||||
self._extra_dirs.append(directory)
|
self._extra_dirs.append(directory)
|
||||||
self._paths = None
|
self._paths = None
|
||||||
|
display.debug('Added %s to loader search path' % (directory))
|
||||||
|
|
||||||
def find_plugin(self, name, mod_type='', ignore_deprecated=False, check_aliases=False):
|
def find_plugin(self, name, mod_type='', ignore_deprecated=False, check_aliases=False):
|
||||||
''' Find a plugin named name '''
|
''' Find a plugin named name '''
|
||||||
|
|
Loading…
Reference in a new issue