internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 22:02:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Moving ConnectionInformation -> PlayContext

Browse Source 
Also making PlayContext a child class of the Playbook Base class,
which gives it access to all of the FieldAttribute code to ensure
field values are correctly typed after post_validation

Fixes #11381
This commit is contained in:
James Cammarata
2015-07-21 12:12:22 -04:00
parent 919aaa5c42
commit e64989beb4
36 changed files with 477 additions and 459 deletions
Download Patch File Download Diff File Expand all files Collapse all files

408
lib/ansible/executor/connection_info.py
View File

@@ -1,408 +0,0 @@
# -*- coding: utf-8 -*-
# (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# Make coding more python3-ish
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import pipes
import random
import re
from ansible import constants as C
from ansible.template import Templar
from ansible.utils.boolean import boolean
from ansible.errors import AnsibleError
__all__ = ['ConnectionInformation']
SU_PROMPT_LOCALIZATIONS = [
'Password',
'암호',
'パスワード',
'Adgangskode',
'Contraseña',
'Contrasenya',
'Hasło',
'Heslo',
'Jelszó',
'Lösenord',
'Mật khẩu',
'Mot de passe',
'Parola',
'Parool',
'Pasahitza',
'Passord',
'Passwort',
'Salasana',
'Sandi',
'Senha',
'Wachtwoord',
'ססמה',
'Лозинка',
'Парола',
'Пароль',
'गुप्तशब्द',
'शब्दकूट',
'సంకేతపదము',
'හස්පදය',
'密码',
'密碼',
]
# the magic variable mapping dictionary below is used to translate
# host/inventory variables to fields in the ConnectionInformation
# object. The dictionary values are tuples, to account for aliases
# in variable names.
MAGIC_VARIABLE_MAPPING = dict(
connection = ('ansible_connection',),
remote_addr = ('ansible_ssh_host', 'ansible_host'),
remote_user = ('ansible_ssh_user', 'ansible_user'),
port = ('ansible_ssh_port', 'ansible_port'),
password = ('ansible_ssh_pass', 'ansible_password'),
private_key_file = ('ansible_ssh_private_key_file', 'ansible_private_key_file'),
shell = ('ansible_shell_type',),
become = ('ansible_become',),
become_method = ('ansible_become_method',),
become_user = ('ansible_become_user',),
become_pass = ('ansible_become_password','ansible_become_pass'),
become_exe = ('ansible_become_exe',),
become_flags = ('ansible_become_flags',),
sudo = ('ansible_sudo',),
sudo_user = ('ansible_sudo_user',),
sudo_pass = ('ansible_sudo_password', 'ansible_sudo_pass'),
sudo_exe = ('ansible_sudo_exe',),
sudo_flags = ('ansible_sudo_flags',),
su = ('ansible_su',),
su_user = ('ansible_su_user',),
su_pass = ('ansible_su_password', 'ansible_su_pass'),
su_exe = ('ansible_su_exe',),
su_flags = ('ansible_su_flags',),
)
SU_PROMPT_LOCALIZATIONS = [
'Password',
'암호',
'パスワード',
'Adgangskode',
'Contraseña',
'Contrasenya',
'Hasło',
'Heslo',
'Jelszó',
'Lösenord',
'Mật khẩu',
'Mot de passe',
'Parola',
'Parool',
'Pasahitza',
'Passord',
'Passwort',
'Salasana',
'Sandi',
'Senha',
'Wachtwoord',
'ססמה',
'Лозинка',
'Парола',
'Пароль',
'गुप्तशब्द',
'शब्दकूट',
'సంకేతపదము',
'හස්පදය',
'密码',
'密碼',
]
class ConnectionInformation:
'''
This class is used to consolidate the connection information for
hosts in a play and child tasks, where the task may override some
connection/authentication information.
'''
def __init__(self, play=None, options=None, passwords=None):
if passwords is None:
passwords = {}
# connection
self.connection = None
self.remote_addr = None
self.remote_user = None
self.password = passwords.get('conn_pass','')
self.port = None
self.private_key_file = C.DEFAULT_PRIVATE_KEY_FILE
self.timeout = C.DEFAULT_TIMEOUT
self.shell = None
# privilege escalation
self.become = None
self.become_method = None
self.become_user = None
self.become_pass = passwords.get('become_pass','')
self.become_exe = None
self.become_flags = None
self.prompt = None
self.success_key = None
# backwards compat
self.sudo_exe = None
self.sudo_flags = None
self.sudo_pass = None
self.su_exe = None
self.su_flags = None
self.su_pass = None
# general flags (should we move out?)
self.verbosity = 0
self.only_tags = set()
self.skip_tags = set()
self.no_log = False
self.check_mode = False
self.force_handlers = False
self.start_at_task = None
self.step = False
#TODO: just pull options setup to above?
# set options before play to allow play to override them
if options:
self.set_options(options)
if play:
self.set_play(play)
def set_play(self, play):
'''
Configures this connection information instance with data from
the play class.
'''
if play.connection:
self.connection = play.connection
if play.remote_user:
self.remote_user = play.remote_user
if play.port:
self.port = int(play.port)
if play.become is not None:
self.become = play.become
if play.become_method:
self.become_method = play.become_method
if play.become_user:
self.become_user = play.become_user
# non connection related
self.no_log = play.no_log
self.environment = play.environment
if play.force_handlers is not None:
self.force_handlers = play.force_handlers
def set_options(self, options):
'''
Configures this connection information instance with data from
options specified by the user on the command line. These have a
higher precedence than those set on the play or host.
'''
if options.connection:
self.connection = options.connection
self.remote_user = options.remote_user
self.private_key_file = options.private_key_file
# privilege escalation
self.become = options.become
self.become_method = options.become_method
self.become_user = options.become_user
# general flags (should we move out?)
if options.verbosity:
self.verbosity = options.verbosity
#if options.no_log:
# self.no_log = boolean(options.no_log)
if options.check:
self.check_mode = boolean(options.check)
if hasattr(options, 'force_handlers') and options.force_handlers:
self.force_handlers = boolean(options.force_handlers)
if hasattr(options, 'step') and options.step:
self.step = boolean(options.step)
if hasattr(options, 'start_at_task') and options.start_at_task:
self.start_at_task = options.start_at_task
# get the tag info from options, converting a comma-separated list
# of values into a proper list if need be. We check to see if the
# options have the attribute, as it is not always added via the CLI
if hasattr(options, 'tags'):
if isinstance(options.tags, list):
self.only_tags.update(options.tags)
elif isinstance(options.tags, basestring):
self.only_tags.update(options.tags.split(','))
if len(self.only_tags) == 0:
self.only_tags = set(['all'])
if hasattr(options, 'skip_tags'):
if isinstance(options.skip_tags, list):
self.skip_tags.update(options.skip_tags)
elif isinstance(options.skip_tags, basestring):
self.skip_tags.update(options.skip_tags.split(','))
def copy(self, ci):
'''
Copies the connection info from another connection info object, used
when merging in data from task overrides.
'''
for field in self._get_fields():
value = getattr(ci, field, None)
if isinstance(value, dict):
setattr(self, field, value.copy())
elif isinstance(value, set):
setattr(self, field, value.copy())
elif isinstance(value, list):
setattr(self, field, value[:])
else:
setattr(self, field, value)
def set_task_and_host_override(self, task, host):
'''
Sets attributes from the task if they are set, which will override
those from the play.
'''
new_info = ConnectionInformation()
new_info.copy(self)
# loop through a subset of attributes on the task object and set
# connection fields based on their values
for attr in ('connection', 'remote_user', 'become', 'become_user', 'become_pass', 'become_method', 'environment', 'no_log'):
if hasattr(task, attr):
attr_val = getattr(task, attr)
if attr_val is not None:
setattr(new_info, attr, attr_val)
# finally, use the MAGIC_VARIABLE_MAPPING dictionary to update this
# connection info object with 'magic' variables from inventory
variables = host.get_vars()
for (attr, variable_names) in MAGIC_VARIABLE_MAPPING.iteritems():
for variable_name in variable_names:
if variable_name in variables:
setattr(new_info, attr, variables[variable_name])
# become legacy updates
if not new_info.become_pass:
if new_info.become_method == 'sudo' and new_info.sudo_pass:
setattr(new_info, 'become_pass', new_info.sudo_pass)
elif new_info.become_method == 'su' and new_info.su_pass:
setattr(new_info, 'become_pass', new_info.su_pass)
return new_info
def make_become_cmd(self, cmd, executable=None):
""" helper function to create privilege escalation commands """
prompt = None
success_key = None
if executable is None:
executable = C.DEFAULT_EXECUTABLE
if self.become:
becomecmd = None
randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32))
success_key = 'BECOME-SUCCESS-%s' % randbits
#executable = executable or '$SHELL'
success_cmd = pipes.quote('echo %s; %s' % (success_key, cmd))
if self.become_method == 'sudo':
# Rather than detect if sudo wants a password this time, -k makes sudo always ask for
# a password if one is required. Passing a quoted compound command to sudo (or sudo -s)
# directly doesn't work, so we shellquote it with pipes.quote() and pass the quoted
# string to the user's shell. We loop reading output until we see the randomly-generated
# sudo prompt set with the -p option.
prompt = '[sudo via ansible, key=%s] password: ' % randbits
exe = self.become_exe or self.sudo_exe or 'sudo'
flags = self.become_flags or self.sudo_flags or ''
becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % \
(exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, self.become_user, executable, success_cmd)
elif self.become_method == 'su':
def detect_su_prompt(data):
SU_PROMPT_LOCALIZATIONS_RE = re.compile("|".join(['(\w+\'s )?' + x + ' ?: ?' for x in SU_PROMPT_LOCALIZATIONS]), flags=re.IGNORECASE)
return bool(SU_PROMPT_LOCALIZATIONS_RE.match(data))
prompt = detect_su_prompt
exe = self.become_exe or self.su_exe or 'su'
flags = self.become_flags or self.su_flags or ''
becomecmd = '%s %s %s -c "%s -c %s"' % (exe, flags, self.become_user, executable, success_cmd)
elif self.become_method == 'pbrun':
prompt='assword:'
exe = self.become_exe or 'pbrun'
flags = self.become_flags or ''
becomecmd = '%s -b %s -u %s %s' % (exe, flags, self.become_user, success_cmd)
elif self.become_method == 'pfexec':
exe = self.become_exe or 'pfexec'
flags = self.become_flags or ''
# No user as it uses it's own exec_attr to figure it out
becomecmd = '%s %s "%s"' % (exe, flags, success_cmd)
else:
raise AnsibleError("Privilege escalation method not found: %s" % self.become_method)
self.prompt = prompt
self.success_key = success_key
return ('%s -c ' % executable) + pipes.quote(becomecmd)
return cmd
def _get_fields(self):
return [i for i in self.__dict__.keys() if i[:1] != '_']
def post_validate(self, templar):
'''
Finalizes templated values which may be set on this objects fields.
'''
for field in self._get_fields():
value = templar.template(getattr(self, field))
setattr(self, field, value)
def update_vars(self, variables):
'''
Adds 'magic' variables relating to connections to the variable dictionary provided.
In case users need to access from the play, this is a legacy from runner.
'''
#FIXME: remove password? possibly add become/sudo settings
for special_var in ['ansible_connection', 'ansible_ssh_host', 'ansible_ssh_pass', 'ansible_ssh_port', 'ansible_ssh_user', 'ansible_ssh_private_key_file']:
if special_var not in variables:
for prop, varnames in MAGIC_VARIABLE_MAPPING.items():
if special_var in varnames:
variables[special_var] = getattr(self, prop)

8
lib/ansible/executor/play_iterator.py
View File

@@ -89,12 +89,12 @@ class PlayIterator:
FAILED_RESCUE = 4
FAILED_ALWAYS = 8
def __init__(self, inventory, play, connection_info, all_vars):
def __init__(self, inventory, play, play_context, all_vars):
self._play = play
self._blocks = []
for block in self._play.compile():
new_block = block.filter_tagged_tasks(connection_info, all_vars)
new_block = block.filter_tagged_tasks(play_context, all_vars)
if new_block.has_tasks():
self._blocks.append(new_block)
@@ -103,12 +103,12 @@ class PlayIterator:
self._host_states[host.name] = HostState(blocks=self._blocks)
# if we're looking to start at a specific task, iterate through
# the tasks for this host until we find the specified task
if connection_info.start_at_task is not None:
if play_context.start_at_task is not None:
while True:
(s, task) = self.get_next_task_for_host(host, peek=True)
if s.run_state == self.ITERATING_COMPLETE:
break
if task.get_name() != connection_info.start_at_task:
if task.get_name() != play_context.start_at_task:
self.get_next_task_for_host(host)
else:
break

6
lib/ansible/executor/process/worker.py
View File

@@ -94,7 +94,7 @@ class WorkerProcess(multiprocessing.Process):
try:
if not self._main_q.empty():
debug("there's work to be done!")
(host, task, basedir, job_vars, connection_info, shared_loader_obj) = self._main_q.get(block=False)
(host, task, basedir, job_vars, play_context, shared_loader_obj) = self._main_q.get(block=False)
debug("got a task/handler to work on: %s" % task)
# because the task queue manager starts workers (forks) before the
@@ -111,11 +111,11 @@ class WorkerProcess(multiprocessing.Process):
# apply the given task's information to the connection info,
# which may override some fields already set by the play or
# the options specified on the command line
new_connection_info = connection_info.set_task_and_host_override(task=task, host=host)
new_play_context = play_context.set_task_and_host_override(task=task, host=host)
# execute the task and build a TaskResult from the result
debug("running TaskExecutor() for %s/%s" % (host, task))
executor_result = TaskExecutor(host, task, job_vars, new_connection_info, self._new_stdin, self._loader, shared_loader_obj).run()
executor_result = TaskExecutor(host, task, job_vars, new_play_context, self._new_stdin, self._loader, shared_loader_obj).run()
debug("done running TaskExecutor() for %s/%s" % (host, task))
task_result = TaskResult(host, task, executor_result)

43
lib/ansible/executor/task_executor.py
View File

@@ -27,7 +27,6 @@ import time
from ansible import constants as C
from ansible.errors import AnsibleError, AnsibleParserError
from ansible.executor.connection_info import ConnectionInformation
from ansible.playbook.conditional import Conditional
from ansible.playbook.task import Task
from ansible.plugins import lookup_loader, connection_loader, action_loader
@@ -52,11 +51,11 @@ class TaskExecutor:
# the module
SQUASH_ACTIONS = frozenset(('apt', 'yum', 'pkgng', 'zypper', 'dnf'))
def __init__(self, host, task, job_vars, connection_info, new_stdin, loader, shared_loader_obj):
def __init__(self, host, task, job_vars, play_context, new_stdin, loader, shared_loader_obj):
self._host = host
self._task = task
self._job_vars = job_vars
self._connection_info = connection_info
self._play_context = play_context
self._new_stdin = new_stdin
self._loader = loader
self._shared_loader_obj = shared_loader_obj
@@ -208,11 +207,11 @@ class TaskExecutor:
# fields set from the play/task may be based on variables, so we have to
# do the same kind of post validation step on it here before we use it.
self._connection_info.post_validate(templar=templar)
self._play_context.post_validate(templar=templar)
# now that the connection information is finalized, we can add 'magic'
# now that the play context is finalized, we can add 'magic'
# variables to the variable dictionary
self._connection_info.update_vars(variables)
self._play_context.update_vars(variables)
# Evaluate the conditional (if any) for this task, which we do before running
# the final task post-validation. We do this before the post validation due to
@@ -362,7 +361,7 @@ class TaskExecutor:
'normal',
task=async_task,
connection=self._connection,
connection_info=self._connection_info,
play_context=self._play_context,
loader=self._loader,
templar=templar,
shared_loader_obj=self._shared_loader_obj,
@@ -392,16 +391,16 @@ class TaskExecutor:
# FIXME: delegate_to calculation should be done here
# FIXME: calculation of connection params/auth stuff should be done here
if not self._connection_info.remote_addr:
self._connection_info.remote_addr = self._host.ipv4_address
if not self._play_context.remote_addr:
self._play_context.remote_addr = self._host.ipv4_address
if self._task.delegate_to is not None:
self._compute_delegate(variables)
conn_type = self._connection_info.connection
conn_type = self._play_context.connection
if conn_type == 'smart':
conn_type = 'ssh'
if sys.platform.startswith('darwin') and self._connection_info.password:
if sys.platform.startswith('darwin') and self._play_context.password:
# due to a current bug in sshpass on OSX, which can trigger
# a kernel panic even for non-privileged users, we revert to
# paramiko on that OS when a SSH password is specified
@@ -413,7 +412,7 @@ class TaskExecutor:
if "Bad configuration option" in err:
conn_type = "paramiko"
connection = connection_loader.get(conn_type, self._connection_info, self._new_stdin)
connection = connection_loader.get(conn_type, self._play_context, self._new_stdin)
if not connection:
raise AnsibleError("the connection plugin '%s' was not found" % conn_type)
@@ -437,7 +436,7 @@ class TaskExecutor:
handler_name,
task=self._task,
connection=connection,
connection_info=self._connection_info,
play_context=self._play_context,
loader=self._loader,
templar=templar,
shared_loader_obj=self._shared_loader_obj,
@@ -458,16 +457,16 @@ class TaskExecutor:
this_info = {}
# get the real ssh_address for the delegate and allow ansible_ssh_host to be templated
#self._connection_info.remote_user = self._compute_delegate_user(self.delegate_to, delegate['inject'])
self._connection_info.remote_addr = this_info.get('ansible_ssh_host', self._task.delegate_to)
self._connection_info.port = this_info.get('ansible_ssh_port', self._connection_info.port)
self._connection_info.password = this_info.get('ansible_ssh_pass', self._connection_info.password)
self._connection_info.private_key_file = this_info.get('ansible_ssh_private_key_file', self._connection_info.private_key_file)
self._connection_info.connection = this_info.get('ansible_connection', C.DEFAULT_TRANSPORT)
self._connection_info.become_pass = this_info.get('ansible_sudo_pass', self._connection_info.become_pass)
#self._play_context.remote_user = self._compute_delegate_user(self.delegate_to, delegate['inject'])
self._play_context.remote_addr = this_info.get('ansible_ssh_host', self._task.delegate_to)
self._play_context.port = this_info.get('ansible_ssh_port', self._play_context.port)
self._play_context.password = this_info.get('ansible_ssh_pass', self._play_context.password)
self._play_context.private_key_file = this_info.get('ansible_ssh_private_key_file', self._play_context.private_key_file)
self._play_context.connection = this_info.get('ansible_connection', C.DEFAULT_TRANSPORT)
self._play_context.become_pass = this_info.get('ansible_sudo_pass', self._play_context.become_pass)
if self._connection_info.remote_addr in ('127.0.0.1', 'localhost'):
self._connection_info.connection = 'local'
if self._play_context.remote_addr in ('127.0.0.1', 'localhost'):
self._play_context.connection = 'local'
# Last chance to get private_key_file from global variables.
# this is useful if delegated host is not defined in the inventory

12
lib/ansible/executor/task_queue_manager.py
View File

@@ -27,11 +27,11 @@ import sys
from ansible import constants as C
from ansible.errors import AnsibleError
from ansible.executor.connection_info import ConnectionInformation
from ansible.executor.play_iterator import PlayIterator
from ansible.executor.process.worker import WorkerProcess
from ansible.executor.process.result import ResultProcess
from ansible.executor.stats import AggregateStats
from ansible.playbook.play_context import PlayContext
from ansible.plugins import callback_loader, strategy_loader
from ansible.template import Templar
@@ -236,10 +236,10 @@ class TaskQueueManager:
new_play = play.copy()
new_play.post_validate(templar)
connection_info = ConnectionInformation(new_play, self._options, self.passwords)
play_context = PlayContext(new_play, self._options, self.passwords)
for callback_plugin in self._callback_plugins:
if hasattr(callback_plugin, 'set_connection_info'):
callback_plugin.set_connection_info(connection_info)
if hasattr(callback_plugin, 'set_play_context'):
callback_plugin.set_play_context(play_context)
self.send_callback('v2_playbook_on_play_start', new_play)
@@ -252,10 +252,10 @@ class TaskQueueManager:
raise AnsibleError("Invalid play strategy specified: %s" % new_play.strategy, obj=play._ds)
# build the iterator
iterator = PlayIterator(inventory=self._inventory, play=new_play, connection_info=connection_info, all_vars=all_vars)
iterator = PlayIterator(inventory=self._inventory, play=new_play, play_context=play_context, all_vars=all_vars)
# and run the play using the strategy
return strategy.run(iterator, connection_info)
return strategy.run(iterator, play_context)
def cleanup(self):
debug("RUNNING CLEANUP")