added password prompting and become/sudo/su collapsing

2015-03-21 01:19:07 -04:00 · 2015-03-21 01:19:07 -04:00 · edb1bd25dd
commit edb1bd25dd
parent 9d3a63945d
3 changed files with 65 additions and 11 deletions
--- a/v2/ansible/utils/cli.py
+++ b/v2/ansible/utils/cli.py
@ -24,9 +24,11 @@ import optparse
 import os
 import time
 import yaml
 import getpass
 from ansible import __version__
 from ansible import constants as C
 from ansible.utils.unicode import to_bytes
 # FIXME: documentation for methods here, which have mostly been
 #        copied directly over from the old utils/__init__.py
@ -231,6 +233,51 @@ def _gitinfo():
    f.close()
    return result
 def ask_passwords(options):
    sshpass = None
    becomepass = None
    vaultpass = None
    become_prompt = ''
    if options.ask_pass:
        sshpass = getpass.getpass(prompt="SSH password: ")
        become_prompt = "%s password[defaults to SSH password]: " % options.become_method.upper()
        if sshpass:
            sshpass = to_bytes(sshpass, errors='strict', nonstring='simplerepr')
    else:
        become_prompt = "%s password: " % options.become_method.upper()
    if options.become_ask_pass:
        becomepass = getpass.getpass(prompt=become_prompt)
        if options.ask_pass and becomepass == '':
            becomepass = sshpass
        if becomepass:
            becomepass = to_bytes(becomepass)
    if options.ask_vault_pass:
        vaultpass = getpass.getpass(prompt="Vault password: ")
        if vaultpass:
            vaultpass = to_bytes(vaultpass, errors='strict', nonstring='simplerepr').strip()
    return (sshpass, becomepass, vaultpass)
 def normalize_become_options(options):
    ''' this keeps backwards compatibility with sudo/su options '''
    options.become_ask_pass = options.become_ask_pass or options.ask_sudo_pass or options.ask_su_pass or C.DEFAULT_BECOME_ASK_PASS
    options.become_user = options.become_user or options.sudo_user or options.su_user or C.DEFAULT_BECOME_USER
    if options.become:
        pass
    elif options.sudo:
        options.become = True
        options.become_method = 'sudo'
    elif options.su:
        options.become = True
        options.become_method = 'su'
 def validate_conflicts(parser, options):
    # Check for vault related conflicts
--- a/v2/bin/ansible
+++ b/v2/bin/ansible
@ -29,7 +29,7 @@ from ansible.inventory import Inventory
 from ansible.parsing import DataLoader
 from ansible.parsing.splitter import parse_kv
 from ansible.playbook.play import Play
-from ansible.utils.cli import base_parser, validate_conflicts
+from ansible.utils.cli import base_parser, validate_conflicts, normalize_become_options, ask_passwords
 from ansible.vars import VariableManager
 ########################################################
@ -79,11 +79,14 @@ class Cli(object):
        #-------------------------------------------------------------------------------
        # FIXME: the password asking stuff needs to be ported over still
        #-------------------------------------------------------------------------------
-        #sshpass    = None
+        sshpass    = None
-        #sudopass   = None
+        becomepass    = None
-        #su_pass    = None
+        vault_pass = None
-        #vault_pass = None
+
-        #
+        normalize_become_options(options)
        (sshpass, becomepass, vault_pass) = ask_passwords(options)
        #options.ask_pass = options.ask_pass or C.DEFAULT_ASK_PASS
        ## Never ask for an SSH password when we run with local connection
        #if options.connection == "local":
--- a/v2/bin/ansible-playbook
+++ b/v2/bin/ansible-playbook
@ -12,7 +12,7 @@ from ansible.parsing import DataLoader
 from ansible.parsing.splitter import parse_kv
 from ansible.playbook import Playbook
 from ansible.playbook.task import Task
-from ansible.utils.cli import base_parser, validate_conflicts
+from ansible.utils.cli import base_parser, validate_conflicts, normalize_become_options, ask_passwords
 from ansible.utils.unicode import to_unicode
 from ansible.utils.vars import combine_vars
 from ansible.utils.vault import read_vault_file
@ -55,11 +55,15 @@ def main(args):
    validate_conflicts(parser,options)
    # Manage passwords
    sshpass    = None
    becomepass    = None
    vault_pass = None
-    if options.ask_vault_pass:
+
-        # FIXME: prompt here
+    normalize_become_options(options)
-        pass
+    (sshpass, becomepass, vault_pass) = ask_passwords(options)
-    elif options.vault_password_file:
+
    if options.vault_password_file:
        # read vault_pass from a file
        vault_pass = read_vault_file(options.vault_password_file)