module and vault fixes (#29663)

* module and vault fixes

- fix module_path cli option and usage, which fixes #29653
- move --output to be in subset of vault cli, no need for all vault enabled cli to use it
- added debug to loader to see directories added
This commit is contained in:
Brian Coca 2017-09-11 21:02:16 -04:00 committed by GitHub
parent 88aa0b7645
commit 2165bac212
4 changed files with 21 additions and 16 deletions

View file

@ -385,12 +385,16 @@ class CLI(with_metaclass(ABCMeta, object)):
@staticmethod @staticmethod
def unfrack_paths(option, opt, value, parser): def unfrack_paths(option, opt, value, parser):
paths = getattr(parser.values, option.dest) paths = getattr(parser.values, option.dest)
if paths is None:
paths = []
if isinstance(value, string_types): if isinstance(value, string_types):
paths[:0] = [unfrackpath(x) for x in value.split(os.pathsep)] paths[:0] = [unfrackpath(x) for x in value.split(os.pathsep) if x]
elif isinstance(value, list): elif isinstance(value, list):
paths[:0] = [unfrackpath(x) for x in value] paths[:0] = [unfrackpath(x) for x in value if x]
else: else:
pass # FIXME: should we raise options error? pass # FIXME: should we raise options error?
setattr(parser.values, option.dest, paths) setattr(parser.values, option.dest, paths)
@staticmethod @staticmethod
@ -419,8 +423,8 @@ class CLI(with_metaclass(ABCMeta, object)):
if module_opts: if module_opts:
parser.add_option('-M', '--module-path', dest='module_path', default=None, parser.add_option('-M', '--module-path', dest='module_path', default=None,
help="prepend path(s) to module library (default=%s)" % C.DEFAULT_MODULE_PATH, help="prepend colon-separated path(s) to module library (default=%s)" % C.DEFAULT_MODULE_PATH,
action="callback", callback=CLI.unfrack_path, type='str') action="callback", callback=CLI.unfrack_paths, type='str')
if runtask_opts: if runtask_opts:
parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append", parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append",
help="set additional variables as key=value or YAML/JSON, if filename prepend with @", default=[]) help="set additional variables as key=value or YAML/JSON, if filename prepend with @", default=[])
@ -436,9 +440,6 @@ class CLI(with_metaclass(ABCMeta, object)):
help="vault password file", action="callback", callback=CLI.unfrack_paths, type='string') help="vault password file", action="callback", callback=CLI.unfrack_paths, type='string')
parser.add_option('--new-vault-password-file', default=[], dest='new_vault_password_files', parser.add_option('--new-vault-password-file', default=[], dest='new_vault_password_files',
help="new vault password file for rekey", action="callback", callback=CLI.unfrack_paths, type='string') help="new vault password file for rekey", action="callback", callback=CLI.unfrack_paths, type='string')
parser.add_option('--output', default=None, dest='output_file',
help='output file name for encrypt or decrypt; use - for stdout',
action="callback", callback=CLI.unfrack_path, type='string'),
parser.add_option('--vault-id', default=[], dest='vault_ids', action='append', type='string', parser.add_option('--vault-id', default=[], dest='vault_ids', action='append', type='string',
help='the vault identity to use') help='the vault identity to use')
parser.add_option('--new-vault-id', default=None, dest='new_vault_id', type='string', parser.add_option('--new-vault-id', default=None, dest='new_vault_id', type='string',

View file

@ -66,12 +66,20 @@ class VaultCLI(CLI):
self.new_encrypt_secret = None self.new_encrypt_secret = None
self.new_encrypt_vault_id = None self.new_encrypt_vault_id = None
self.can_output = ['encrypt', 'decrypt', 'encrypt_string']
super(VaultCLI, self).__init__(args) super(VaultCLI, self).__init__(args)
def set_action(self): def set_action(self):
super(VaultCLI, self).set_action() super(VaultCLI, self).set_action()
# add output if needed
if self.action in self.can_output:
self.parser.add_option('--output', default=None, dest='output_file',
help='output file name for encrypt or decrypt; use - for stdout',
action="callback", callback=CLI.unfrack_path, type='string')
# options specific to self.actions # options specific to self.actions
if self.action == "create": if self.action == "create":
self.parser.set_usage("usage: %prog create [options] file_name") self.parser.set_usage("usage: %prog create [options] file_name")
@ -113,16 +121,12 @@ class VaultCLI(CLI):
display.verbosity = self.options.verbosity display.verbosity = self.options.verbosity
can_output = ['encrypt', 'decrypt', 'encrypt_string']
if self.options.vault_ids: if self.options.vault_ids:
for vault_id in self.options.vault_ids: for vault_id in self.options.vault_ids:
if u';' in vault_id: if u';' in vault_id:
raise AnsibleOptionsError("'%s' is not a valid vault id. The character ';' is not allowed in vault ids" % vault_id) raise AnsibleOptionsError("'%s' is not a valid vault id. The character ';' is not allowed in vault ids" % vault_id)
if self.action not in can_output: if self.action not in self.can_output:
if self.options.output_file:
raise AnsibleOptionsError("The --output option can be used only with ansible-vault %s" % '/'.join(can_output))
if len(self.args) == 0: if len(self.args) == 0:
raise AnsibleOptionsError("Vault requires at least one filename as a parameter") raise AnsibleOptionsError("Vault requires at least one filename as a parameter")
else: else:
@ -138,8 +142,7 @@ class VaultCLI(CLI):
if '-' in self.args or len(self.args) == 0 or self.options.encrypt_string_stdin_name: if '-' in self.args or len(self.args) == 0 or self.options.encrypt_string_stdin_name:
self.encrypt_string_read_stdin = True self.encrypt_string_read_stdin = True
# TODO: prompting from stdin and reading from stdin seem # TODO: prompting from stdin and reading from stdin seem mutually exclusive, but verify that.
# mutually exclusive, but verify that.
if self.options.encrypt_string_prompt and self.encrypt_string_read_stdin: if self.options.encrypt_string_prompt and self.encrypt_string_read_stdin:
raise AnsibleOptionsError('The --prompt option is not supported if also reading input from stdin') raise AnsibleOptionsError('The --prompt option is not supported if also reading input from stdin')

View file

@ -84,9 +84,9 @@ class TaskQueueManager:
self._start_at_done = False self._start_at_done = False
# make sure any module paths (if specified) are added to the module_loader # make sure any module paths (if specified) are added to the module_loader
if isinstance(options.module_path, list): if options.module_path:
for path in options.module_path: for path in options.module_path:
if path is not None: if path:
module_loader.add_directory(path) module_loader.add_directory(path)
# a special flag to help us exit cleanly # a special flag to help us exit cleanly

View file

@ -229,6 +229,7 @@ class PluginLoader:
# append the directory and invalidate the path cache # append the directory and invalidate the path cache
self._extra_dirs.append(directory) self._extra_dirs.append(directory)
self._paths = None self._paths = None
display.debug('Added %s to loader search path' % (directory))
def find_plugin(self, name, mod_type='', ignore_deprecated=False, check_aliases=False): def find_plugin(self, name, mod_type='', ignore_deprecated=False, check_aliases=False):
''' Find a plugin named name ''' ''' Find a plugin named name '''