Allow ansible_ssh_args to be set as an inventory variable

Before this change, ssh_args could be set only in the [ssh_connection] section of ansible.cfg, and was applied to all hosts. Now it's possible to set ansible_ssh_args as an inventory variable (directly, or through group_vars or host_vars) to selectively override the global setting. Note that the default ControlPath settings are applied only if ssh_args is not set, and this is true of ansible_ssh_args as well. So if you want to override ssh_args but continue to set ControlPath, you'll need to repeat the appropriate options when setting ansible_ssh_args. (If you only need to add options to the default ssh_args, you may be able to use the ansible_ssh_extra_args inventory variable instead.)
2015-08-10 20:48:50 +05:30 · 2015-08-10 20:48:50 +05:30 · 49f8edd035
commit 49f8edd035
parent 37c1a5b679
2 changed files with 9 additions and 4 deletions
--- a/docsite/rst/intro_inventory.rst
+++ b/docsite/rst/intro_inventory.rst
@ -211,9 +211,11 @@ SSH connection::
      The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys)
    ansible_ssh_private_key_file
      Private key file used by ssh.  Useful if using multiple keys and you don't want to use SSH agent.
+    ansible_ssh_args
+      This setting overrides any ``ssh_args`` configured in ``ansible.cfg``.
    ansible_ssh_extra_args
      Additional arguments for ssh. Useful to configure a ``ProxyCommand`` for a certain host (or group).
-      This is used in addition to any ``ssh_args`` configured in ``ansible.cfg``.
+      This is used in addition to any ``ssh_args`` configured in ``ansible.cfg`` or the inventory.

 Privilege escalation (see :doc:`Ansible Privilege Escalation<become>` for further details)::

--- a/lib/ansible/plugins/connections/ssh.py
+++ b/lib/ansible/plugins/connections/ssh.py
@ -59,11 +59,14 @@ class Connection(ConnectionBase):

        self.host = self._play_context.remote_addr
        self.ssh_extra_args = ''
+        self.ssh_args = ''

    def set_host_overrides(self, host):
        v = host.get_vars()
        if 'ansible_ssh_extra_args' in v:
            self.ssh_extra_args = v['ansible_ssh_extra_args']
+        if 'ansible_ssh_args' in v:
+            self.ssh_args = v['ansible_ssh_args']

    @property
    def transport(self):
@ -78,10 +81,10 @@ class Connection(ConnectionBase):
        if self._connected:
            return self

-        extra_args = C.ANSIBLE_SSH_ARGS
-        if extra_args is not None:
+        ssh_args = self.ssh_args or C.ANSIBLE_SSH_ARGS
+        if ssh_args is not None:
            # make sure there is no empty string added as this can produce weird errors
-            self._common_args += [x.strip() for x in shlex.split(extra_args) if x.strip()]
+            self._common_args += [x.strip() for x in shlex.split(ssh_args) if x.strip()]
        else:
            self._common_args += (
                "-o", "ControlMaster=auto",