Use a regexp to filter out arguments instead
pipes.quote is a bit overzealous for what we want to do, quoting ; and other characters that you most likely want to use in your shell invocations. The regexp is the best I could come up with to be able to only replace the parts of the arguments that shouldn't be executed.
This commit is contained in:
parent
880328c10f
commit
6477bdc6fc
2 changed files with 24 additions and 14 deletions
|
@ -22,8 +22,8 @@ import subprocess
|
||||||
import sys
|
import sys
|
||||||
import datetime
|
import datetime
|
||||||
import traceback
|
import traceback
|
||||||
|
import re
|
||||||
import shlex
|
import shlex
|
||||||
import pipes
|
|
||||||
import os
|
import os
|
||||||
|
|
||||||
DOCUMENTATION = '''
|
DOCUMENTATION = '''
|
||||||
|
@ -131,7 +131,6 @@ class CommandModule(AnsibleModule):
|
||||||
def _load_params(self):
|
def _load_params(self):
|
||||||
''' read the input and return a dictionary and the arguments string '''
|
''' read the input and return a dictionary and the arguments string '''
|
||||||
args = MODULE_ARGS
|
args = MODULE_ARGS
|
||||||
items = shlex.split(args)
|
|
||||||
params = {}
|
params = {}
|
||||||
params['chdir'] = None
|
params['chdir'] = None
|
||||||
params['shell'] = False
|
params['shell'] = False
|
||||||
|
@ -139,14 +138,13 @@ class CommandModule(AnsibleModule):
|
||||||
args = args.replace("#USE_SHELL", "")
|
args = args.replace("#USE_SHELL", "")
|
||||||
params['shell'] = True
|
params['shell'] = True
|
||||||
|
|
||||||
check_args = shlex.split(args)
|
r = re.compile(r'(^|\s)(creates|removes|chdir)=(?P<quote>[\'"])?(.*?)(?(quote)(?<!\\)(?P=quote))((?<!\\)(?=\s)|$)')
|
||||||
l_args = []
|
for m in r.finditer(args):
|
||||||
for x in check_args:
|
v = m.group(4).replace("\\", "")
|
||||||
if x.startswith("creates="):
|
if m.group(2) == "creates":
|
||||||
# do not run the command if the line contains creates=filename
|
# do not run the command if the line contains creates=filename
|
||||||
# and the filename already exists. This allows idempotence
|
# and the filename already exists. This allows idempotence
|
||||||
# of command executions.
|
# of command executions.
|
||||||
(k,v) = x.split("=",1)
|
|
||||||
if os.path.exists(v):
|
if os.path.exists(v):
|
||||||
self.exit_json(
|
self.exit_json(
|
||||||
cmd=args,
|
cmd=args,
|
||||||
|
@ -156,11 +154,10 @@ class CommandModule(AnsibleModule):
|
||||||
stderr=False,
|
stderr=False,
|
||||||
rc=0
|
rc=0
|
||||||
)
|
)
|
||||||
elif x.startswith("removes="):
|
elif m.group(2) == "removes":
|
||||||
# do not run the command if the line contains removes=filename
|
# do not run the command if the line contains removes=filename
|
||||||
# and the filename do not exists. This allows idempotence
|
# and the filename do not exists. This allows idempotence
|
||||||
# of command executions.
|
# of command executions.
|
||||||
(k,v) = x.split("=",1)
|
|
||||||
if not os.path.exists(v):
|
if not os.path.exists(v):
|
||||||
self.exit_json(
|
self.exit_json(
|
||||||
cmd=args,
|
cmd=args,
|
||||||
|
@ -170,17 +167,15 @@ class CommandModule(AnsibleModule):
|
||||||
stderr=False,
|
stderr=False,
|
||||||
rc=0
|
rc=0
|
||||||
)
|
)
|
||||||
elif x.startswith("chdir="):
|
elif m.group(2) == "chdir":
|
||||||
(k,v) = x.split("=", 1)
|
|
||||||
v = os.path.expanduser(v)
|
v = os.path.expanduser(v)
|
||||||
if not (os.path.exists(v) and os.path.isdir(v)):
|
if not (os.path.exists(v) and os.path.isdir(v)):
|
||||||
self.fail_json(msg="cannot change to directory '%s': path does not exist" % v)
|
self.fail_json(msg="cannot change to directory '%s': path does not exist" % v)
|
||||||
elif v[0] != '/':
|
elif v[0] != '/':
|
||||||
self.fail_json(msg="the path for 'chdir' argument must be fully qualified")
|
self.fail_json(msg="the path for 'chdir' argument must be fully qualified")
|
||||||
params['chdir'] = v
|
params['chdir'] = v
|
||||||
else:
|
args = r.sub("", args)
|
||||||
l_args.append(x)
|
params['args'] = args
|
||||||
params['args'] = " ".join([pipes.quote(x) for x in l_args])
|
|
||||||
return (params, params['args'])
|
return (params, params['args'])
|
||||||
|
|
||||||
main()
|
main()
|
||||||
|
|
|
@ -138,6 +138,21 @@ class TestRunner(unittest.TestCase):
|
||||||
assert 'failed' not in result
|
assert 'failed' not in result
|
||||||
assert result['rc'] == 0
|
assert result['rc'] == 0
|
||||||
|
|
||||||
|
result = self._run('command', [ "creates='/tmp/ansible command test'", "chdir=/tmp", "touch", "'ansible command test'" ])
|
||||||
|
assert 'changed' in result
|
||||||
|
assert result['rc'] == 0
|
||||||
|
|
||||||
|
result = self._run('command', [ "creates='/tmp/ansible command test'", "false" ])
|
||||||
|
assert 'skipped' in result
|
||||||
|
|
||||||
|
result = self._run('shell', [ "removes=/tmp/ansible\\ command\\ test", "chdir=/tmp", "rm -f 'ansible command test'; echo $?" ])
|
||||||
|
assert 'changed' in result
|
||||||
|
assert result['rc'] == 0
|
||||||
|
assert result['stdout'] == '0'
|
||||||
|
|
||||||
|
result = self._run('shell', [ "removes=/tmp/ansible\\ command\\ test", "false" ])
|
||||||
|
assert 'skipped' in result
|
||||||
|
|
||||||
def test_git(self):
|
def test_git(self):
|
||||||
self._run('file',['path=/tmp/gitdemo','state=absent'])
|
self._run('file',['path=/tmp/gitdemo','state=absent'])
|
||||||
self._run('file',['path=/tmp/gd','state=absent'])
|
self._run('file',['path=/tmp/gd','state=absent'])
|
||||||
|
|
Loading…
Reference in a new issue