Fixes #6820 fix erroneous missing vault password error when using the template module

2014-04-04 13:05:33 -04:00 · 2014-04-04 13:05:33 -04:00 · 5a65dc3b6a
commit 5a65dc3b6a
parent 466ab0a9d6
4 changed files with 6 additions and 6 deletions
--- a/lib/ansible/runner/init.py
+++ b/lib/ansible/runner/init.py
@ -83,15 +83,16 @@ def _executor_hook(job_queue, result_queue, new_stdin):
 class HostVars(dict):
    ''' A special view of vars_cache that adds values from the inventory when needed. '''

-    def __init__(self, vars_cache, inventory):
+    def __init__(self, vars_cache, inventory, vault_password=None):
        self.vars_cache = vars_cache
        self.inventory = inventory
        self.lookup = dict()
        self.update(vars_cache)
+        self.vault_password = vault_password

    def __getitem__(self, host):
        if host not in self.lookup:
-            result = self.inventory.get_variables(host)
+            result = self.inventory.get_variables(host, vault_password=self.vault_password)
            result.update(self.vars_cache.get(host, {}))
            self.lookup[host] = result
        return self.lookup[host]
@ -563,7 +564,7 @@ class Runner(object):
        inject = utils.combine_vars(inject, module_vars)
        inject = utils.combine_vars(inject, combined_cache.get(host, {}))
        inject.setdefault('ansible_ssh_user', self.remote_user)
-        inject['hostvars'] = HostVars(combined_cache, self.inventory)
+        inject['hostvars'] = HostVars(combined_cache, self.inventory, vault_password=self.vault_pass)
        inject['group_names'] = host_variables.get('group_names', [])
        inject['groups']      = self.inventory.groups_list()
        inject['vars']        = self.module_vars
--- a/lib/ansible/runner/action_plugins/template.py
+++ b/lib/ansible/runner/action_plugins/template.py
@ -85,7 +85,7 @@ class ActionModule(object):

        # template the source data locally & get ready to transfer
        try:
-            resultant = template.template_from_file(self.runner.basedir, source, inject)
+            resultant = template.template_from_file(self.runner.basedir, source, inject, vault_password=self.runner.vault_pass)
        except Exception, e:
            result = dict(failed=True, msg=str(e))
            return ReturnData(conn=conn, comm_ok=False, result=result)
--- a/lib/ansible/utils/template.py
+++ b/lib/ansible/utils/template.py
@ -199,7 +199,7 @@ class J2Template(jinja2.environment.Template):
    def new_context(self, vars=None, shared=False, locals=None):
        return jinja2.runtime.Context(self.environment, vars.add_locals(locals), self.name, self.blocks)

-def template_from_file(basedir, path, vars):
+def template_from_file(basedir, path, vars, vault_password=None):
    ''' run a file through the templating engine '''

    fail_on_undefined = C.DEFAULT_UNDEFINED_VAR_BEHAVIOR
--- a/lib/ansible/utils/vault.py
+++ b/lib/ansible/utils/vault.py
@ -451,7 +451,6 @@ class VaultAES256(object):
        derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, 
                            count=10000, prf=pbkdf2_prf)

-        #import epdb; epdb.st()
        key1 = derivedkey[:keylength]
        key2 = derivedkey[keylength:(keylength * 2)]
        iv = derivedkey[(keylength * 2):(keylength * 2) + ivlength]