diff --git a/lib/ansible/executor/module_common.py b/lib/ansible/executor/module_common.py index bae447c7df..8402f21217 100644 --- a/lib/ansible/executor/module_common.py +++ b/lib/ansible/executor/module_common.py @@ -748,7 +748,8 @@ def _find_module_utils(module_name, b_module_data, module_path, module_args, tas # the write lock. Go ahead and read the data from disk # instead of re-creating it. try: - zipdata = open(cached_module_filename, 'rb').read() + with open(cached_module_filename, 'rb') as f: + zipdata = f.read() except IOError: raise AnsibleError('A different worker process failed to create module file. ' 'Look at traceback for that process for debugging information.') diff --git a/lib/ansible/module_utils/crypto.py b/lib/ansible/module_utils/crypto.py index bad31324e5..151ea958eb 100644 --- a/lib/ansible/module_utils/crypto.py +++ b/lib/ansible/module_utils/crypto.py @@ -80,15 +80,16 @@ def load_privatekey(path, passphrase=None): """Load the specified OpenSSL private key.""" try: - if passphrase: - privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM, - open(path, 'rb').read(), - to_bytes(passphrase)) - else: - privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM, - open(path, 'rb').read()) + with open(path, 'rb') as b_priv_key_fh: + priv_key_detail = b_priv_key_fh.read() - return privatekey + if passphrase: + return crypto.load_privatekey(crypto.FILETYPE_PEM, + priv_key_detail, + to_bytes(passphrase)) + else: + return crypto.load_privatekey(crypto.FILETYPE_PEM, + priv_key_detail) except (IOError, OSError) as exc: raise OpenSSLObjectError(exc) @@ -97,9 +98,9 @@ def load_certificate(path): """Load the specified certificate.""" try: - cert_content = open(path, 'rb').read() - cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_content) - return cert + with open(path, 'rb') as cert_fh: + cert_content = cert_fh.read() + return crypto.load_certificate(crypto.FILETYPE_PEM, cert_content) except (IOError, OSError) as exc: raise OpenSSLObjectError(exc) @@ -108,9 +109,9 @@ def load_certificate_request(path): """Load the specified certificate signing request.""" try: - csr_content = open(path, 'rb').read() - csr = crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_content) - return csr + with open(path, 'rb') as csr_fh: + csr_content = csr_fh.read() + return crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_content) except (IOError, OSError) as exc: raise OpenSSLObjectError(exc) diff --git a/lib/ansible/module_utils/facts/virtual/linux.py b/lib/ansible/module_utils/facts/virtual/linux.py index 68edc14cb4..420b2d3ac9 100644 --- a/lib/ansible/module_utils/facts/virtual/linux.py +++ b/lib/ansible/module_utils/facts/virtual/linux.py @@ -195,7 +195,9 @@ class LinuxVirtual(Virtual): # Check whether this is a RHEV hypervisor (is vdsm running ?) for f in glob.glob('/proc/[0-9]*/comm'): try: - if open(f).read().rstrip() == 'vdsm': + with open(f) as virt_fh: + comm_content = virt_fh.read().rstrip() + if comm_content == 'vdsm': virtual_facts['virtualization_type'] = 'RHEV' break except Exception: diff --git a/lib/ansible/module_utils/network/aci/aci.py b/lib/ansible/module_utils/network/aci/aci.py index f697c8a02e..13f686bdd8 100644 --- a/lib/ansible/module_utils/network/aci/aci.py +++ b/lib/ansible/module_utils/network/aci/aci.py @@ -231,7 +231,9 @@ class ACIModule(object): self.params['certificate_name'] = os.path.basename(os.path.splitext(self.params['private_key'])[0]) try: - sig_key = load_privatekey(FILETYPE_PEM, open(self.params['private_key'], 'r').read()) + with open(self.params['private_key'], 'r') as priv_key_fh: + private_key_content = priv_key_fh.read() + sig_key = load_privatekey(FILETYPE_PEM, private_key_content) except Exception: self.module.fail_json(msg='Cannot load private key %s' % self.params['private_key']) diff --git a/lib/ansible/module_utils/network/common/config.py b/lib/ansible/module_utils/network/common/config.py index fe9b8894a5..5e6420c199 100644 --- a/lib/ansible/module_utils/network/common/config.py +++ b/lib/ansible/module_utils/network/common/config.py @@ -203,7 +203,8 @@ class NetworkConfig(object): self._items = self.parse(s) def loadfp(self, fp): - return self.load(open(fp).read()) + with open(fp) as f: + return self.load(f.read()) def parse(self, lines, comment_tokens=None): toplevel = re.compile(r'\S') diff --git a/lib/ansible/module_utils/rabbitmq.py b/lib/ansible/module_utils/rabbitmq.py index 21f784f7e1..d99f9bece2 100644 --- a/lib/ansible/module_utils/rabbitmq.py +++ b/lib/ansible/module_utils/rabbitmq.py @@ -88,12 +88,11 @@ class RabbitClient(): ''' Consider some file size limits here ''' def _read_file(self, path): try: - fh = open(path, "rb").read() + with open(path, "rb") as file_handle: + return file_handle.read() except IOError as e: self.module.fail_json(msg="Unable to open file %s: %s" % (path, to_native(e))) - return fh - @staticmethod def _check_file_mime_type(path): mime = MimeTypes() diff --git a/lib/ansible/modules/cloud/amazon/cloudformation.py b/lib/ansible/modules/cloud/amazon/cloudformation.py index c314cd923a..d57c69947f 100644 --- a/lib/ansible/modules/cloud/amazon/cloudformation.py +++ b/lib/ansible/modules/cloud/amazon/cloudformation.py @@ -623,7 +623,8 @@ def main(): stack_params['StackName'] = module.params['stack_name'] if module.params['template'] is not None: - stack_params['TemplateBody'] = open(module.params['template'], 'r').read() + with open(module.params['template'], 'r') as template_fh: + stack_params['TemplateBody'] = template_fh.read() elif module.params['template_body'] is not None: stack_params['TemplateBody'] = module.params['template_body'] elif module.params['template_url'] is not None: @@ -636,7 +637,8 @@ def main(): # can't check the policy when verifying. if module.params['stack_policy'] is not None and not module.check_mode and not module.params['create_changeset']: - stack_params['StackPolicyBody'] = open(module.params['stack_policy'], 'r').read() + with open(module.params['stack_policy'], 'r') as stack_policy_fh: + stack_params['StackPolicyBody'] = stack_policy_fh.read() template_parameters = module.params['template_parameters'] diff --git a/lib/ansible/modules/cloud/amazon/iam_cert.py b/lib/ansible/modules/cloud/amazon/iam_cert.py index ffa7fdabf6..3476bf052e 100644 --- a/lib/ansible/modules/cloud/amazon/iam_cert.py +++ b/lib/ansible/modules/cloud/amazon/iam_cert.py @@ -218,11 +218,14 @@ def cert_action(module, iam, name, cpath, new_name, new_path, state, def load_data(cert, key, cert_chain): # if paths are provided rather than lookups read the files and return the contents if cert and os.path.isfile(cert): - cert = open(cert, 'r').read().rstrip() + with open(cert, 'r') as cert_fh: + cert = cert_fh.read().rstrip() if key and os.path.isfile(key): - key = open(key, 'r').read().rstrip() + with open(key, 'r') as key_fh: + key = key_fh.read().rstrip() if cert_chain and os.path.isfile(cert_chain): - cert_chain = open(cert_chain, 'r').read() + with open(cert_chain, 'r') as cert_chain_fh: + cert_chain = cert_chain_fh.read() return cert, key, cert_chain diff --git a/lib/ansible/modules/cloud/openstack/os_keypair.py b/lib/ansible/modules/cloud/openstack/os_keypair.py index ac3e566a51..707fba0bd7 100644 --- a/lib/ansible/modules/cloud/openstack/os_keypair.py +++ b/lib/ansible/modules/cloud/openstack/os_keypair.py @@ -115,8 +115,8 @@ def main(): public_key = module.params['public_key'] if module.params['public_key_file']: - public_key = open(module.params['public_key_file']).read() - public_key = public_key.rstrip() + with open(module.params['public_key_file']) as public_key_fh: + public_key = public_key_fh.read().rstrip() sdk, cloud = openstack_cloud_from_module(module) try: diff --git a/lib/ansible/modules/crypto/openssl_pkcs12.py b/lib/ansible/modules/crypto/openssl_pkcs12.py index 9122766fe1..1f92134684 100644 --- a/lib/ansible/modules/crypto/openssl_pkcs12.py +++ b/lib/ansible/modules/crypto/openssl_pkcs12.py @@ -255,8 +255,9 @@ class Pkcs(crypto_utils.OpenSSLObject): try: self.remove() - - p12 = crypto.load_pkcs12(open(self.src, 'rb').read(), + with open(self.src, 'rb') as pkcs12_fh: + pkcs12_content = pkcs12_fh.read() + p12 = crypto.load_pkcs12(pkcs12_content, self.passphrase) pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey()) diff --git a/lib/ansible/modules/crypto/openssl_publickey.py b/lib/ansible/modules/crypto/openssl_publickey.py index 8765daaba2..bfc3ade425 100644 --- a/lib/ansible/modules/crypto/openssl_publickey.py +++ b/lib/ansible/modules/crypto/openssl_publickey.py @@ -170,7 +170,8 @@ class PublicKey(crypto_utils.OpenSSLObject): if not self.check(module, perms_required=False) or self.force: try: if self.format == 'OpenSSH': - privatekey_content = open(self.privatekey_path, 'rb').read() + with open(self.privatekey_path, 'rb') as private_key_fh: + privatekey_content = private_key_fh.read() key = crypto_serialization.load_pem_private_key(privatekey_content, password=self.privatekey_passphrase, backend=default_backend()) @@ -212,7 +213,8 @@ class PublicKey(crypto_utils.OpenSSLObject): return False try: - publickey_content = open(self.path, 'rb').read() + with open(self.path, 'rb') as public_key_fh: + publickey_content = public_key_fh.read() if self.format == 'OpenSSH': current_publickey = crypto_serialization.load_ssh_public_key(publickey_content, backend=default_backend()) publickey_content = current_publickey.public_bytes(crypto_serialization.Encoding.PEM, diff --git a/lib/ansible/modules/files/assemble.py b/lib/ansible/modules/files/assemble.py index d1b26dd7bc..ce92191e08 100644 --- a/lib/ansible/modules/files/assemble.py +++ b/lib/ansible/modules/files/assemble.py @@ -128,7 +128,8 @@ def assemble_from_fragments(src_path, delimiter=None, compiled_regexp=None, igno fragment = os.path.join(src_path, f) if not os.path.isfile(fragment) or (ignore_hidden and os.path.basename(fragment).startswith('.')): continue - fragment_content = open(fragment, 'rb').read() + with open(fragment, 'rb') as fragment_fh: + fragment_content = fragment_fh.read() # always put a newline between fragments if the previous fragment didn't end with a newline. if add_newline: diff --git a/lib/ansible/modules/files/unarchive.py b/lib/ansible/modules/files/unarchive.py index 2060323cfc..f8a53101ea 100644 --- a/lib/ansible/modules/files/unarchive.py +++ b/lib/ansible/modules/files/unarchive.py @@ -170,7 +170,9 @@ ZIP_FILE_MODE_RE = re.compile(r'([r-][w-][SsTtx-]){3}') def crc32(path): ''' Return a CRC32 checksum of a file ''' - return binascii.crc32(open(path, 'rb').read()) & 0xffffffff + with open(path, 'rb') as f: + file_content = f.read() + return binascii.crc32(file_content) & 0xffffffff def shell_escape(string): diff --git a/lib/ansible/modules/net_tools/basics/slurp.py b/lib/ansible/modules/net_tools/basics/slurp.py index a92d3736f0..84c9ae2fa8 100644 --- a/lib/ansible/modules/net_tools/basics/slurp.py +++ b/lib/ansible/modules/net_tools/basics/slurp.py @@ -79,7 +79,9 @@ def main(): if not os.access(source, os.R_OK): module.fail_json(msg="file is not readable: %s" % source) - data = base64.b64encode(open(source, 'rb').read()) + with open(source, 'rb') as source_fh: + source_content = source_fh.read() + data = base64.b64encode(source_content) module.exit_json(content=data, source=source, encoding='base64') diff --git a/lib/ansible/modules/system/at.py b/lib/ansible/modules/system/at.py index f679c50189..9516687679 100644 --- a/lib/ansible/modules/system/at.py +++ b/lib/ansible/modules/system/at.py @@ -108,7 +108,8 @@ def get_matching_jobs(module, at_cmd, script_file): return matching_jobs # Read script_file into a string. - script_file_string = open(script_file).read().strip() + with open(script_file) as script_fh: + script_file_string = script_fh.read().strip() # Loop through the jobs. # If the script text is contained in a job add job number to list. diff --git a/lib/ansible/modules/system/service.py b/lib/ansible/modules/system/service.py index 8ed4189304..9d2f292563 100644 --- a/lib/ansible/modules/system/service.py +++ b/lib/ansible/modules/system/service.py @@ -686,12 +686,15 @@ class LinuxService(Service): override_file_name = "%s/%s.override" % (initpath, self.name) # Check to see if files contain the manual line in .conf and fail if True - if manreg.search(open(conf_file_name).read()): + with open(conf_file_name) as conf_file_fh: + conf_file_content = conf_file_fh.read() + if manreg.search(conf_file_content): self.module.fail_json(msg="manual stanza not supported in a .conf file") self.changed = False if os.path.exists(override_file_name): - override_file_contents = open(override_file_name).read() + with open(override_file_name) as override_fh: + override_file_contents = override_fh.read() # Remove manual stanza if present and service enabled if self.enable and manreg.search(override_file_contents): self.changed = True diff --git a/lib/ansible/modules/utilities/logic/async_status.py b/lib/ansible/modules/utilities/logic/async_status.py index 32dcdb2388..ed21eb27ce 100644 --- a/lib/ansible/modules/utilities/logic/async_status.py +++ b/lib/ansible/modules/utilities/logic/async_status.py @@ -77,8 +77,8 @@ def main(): data = None try: - data = open(log_path).read() - data = json.loads(data) + with open(log_path) as f: + data = json.loads(f.read()) except Exception: if not data: # file not written yet? That means it is running diff --git a/lib/ansible/modules/web_infrastructure/jenkins_plugin.py b/lib/ansible/modules/web_infrastructure/jenkins_plugin.py index 34dcc28889..16c0aef2e9 100644 --- a/lib/ansible/modules/web_infrastructure/jenkins_plugin.py +++ b/lib/ansible/modules/web_infrastructure/jenkins_plugin.py @@ -430,8 +430,9 @@ class JenkinsPlugin(object): md5sum_old = None if os.path.isfile(plugin_file): # Make the checksum of the currently installed plugin - md5sum_old = hashlib.md5( - open(plugin_file, 'rb').read()).hexdigest() + with open(plugin_file, 'rb') as md5_plugin_fh: + md5_plugin_content = md5_plugin_fh.read() + md5sum_old = hashlib.md5(md5_plugin_content).hexdigest() if self.params['version'] in [None, 'latest']: # Take latest version @@ -482,7 +483,9 @@ class JenkinsPlugin(object): plugin_data = self._download_updates() try: - sha1_old = hashlib.sha1(open(plugin_file, 'rb').read()) + with open(plugin_file, 'rb') as sha1_plugin_fh: + sha1_plugin_content = sha1_plugin_fh.read() + sha1_old = hashlib.sha1(sha1_plugin_content) except Exception as e: self.module.fail_json( msg="Cannot calculate SHA1 of the old plugin.", diff --git a/lib/ansible/plugins/action/assemble.py b/lib/ansible/plugins/action/assemble.py index 6fb394bd96..d874c7090b 100644 --- a/lib/ansible/plugins/action/assemble.py +++ b/lib/ansible/plugins/action/assemble.py @@ -52,7 +52,8 @@ class ActionModule(ActionBase): if not os.path.isfile(fragment) or (ignore_hidden and os.path.basename(fragment).startswith('.')): continue - fragment_content = open(self._loader.get_real_file(fragment, decrypt=decrypt), 'rb').read() + with open(self._loader.get_real_file(fragment, decrypt=decrypt), 'rb') as fragment_fh: + fragment_content = fragment_fh.read() # always put a newline between fragments if the previous fragment didn't end with a newline. if add_newline: diff --git a/lib/ansible/plugins/connection/saltstack.py b/lib/ansible/plugins/connection/saltstack.py index a93516950c..aacbf048f6 100644 --- a/lib/ansible/plugins/connection/saltstack.py +++ b/lib/ansible/plugins/connection/saltstack.py @@ -86,7 +86,8 @@ class Connection(ConnectionBase): out_path = self._normalize_path(out_path, '/') self._display.vvv("PUT %s TO %s" % (in_path, out_path), host=self.host) - content = open(in_path).read() + with open(in_path) as in_fh: + content = in_fh.read() self.client.cmd(self.host, 'file.write', [out_path, content]) # TODO test it diff --git a/lib/ansible/plugins/filter/network.py b/lib/ansible/plugins/filter/network.py index 6d54a90004..3f266fa5bf 100644 --- a/lib/ansible/plugins/filter/network.py +++ b/lib/ansible/plugins/filter/network.py @@ -93,7 +93,10 @@ def parse_cli(output, tmpl): except ImportError as exc: raise AnsibleError(to_native(exc)) - spec = yaml.safe_load(open(tmpl).read()) + with open(tmpl) as tmpl_fh: + tmpl_content = tmpl_fh.read() + + spec = yaml.safe_load(tmpl_content) obj = {} for name, attrs in iteritems(spec['keys']): @@ -330,7 +333,10 @@ def parse_xml(output, tmpl): except ImportError as exc: raise AnsibleError(to_native(exc)) - spec = yaml.safe_load(open(tmpl).read()) + with open(tmpl) as tmpl_fh: + tmpl_content = tmpl_fh.read() + + spec = yaml.safe_load(tmpl_content) obj = {} for name, attrs in iteritems(spec['keys']):