1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

optionally supports waiting for the password to be available

This commit is contained in:
Rick Mendes 2015-06-09 08:55:58 -07:00 committed by Matt Clay
parent 110388be11
commit 1286364498

View file

@ -15,7 +15,7 @@ options:
required: true required: true
key_file: key_file:
description: description:
- path to the file containing the key pair used on the instance - Path to the file containing the key pair used on the instance.
required: true required: true
key_passphrase: key_passphrase:
version_added: "2.0" version_added: "2.0"
@ -28,6 +28,18 @@ options:
required: false required: false
default: null default: null
aliases: [ 'aws_region', 'ec2_region' ] aliases: [ 'aws_region', 'ec2_region' ]
wait:
version_added: "2.0"
description:
- Whether or not to wait for the password to be available before returning.
required: false
default: "no"
choices: [ "yes", "no" ]
wait_timeout:
version_added: "2.0"
description:
- Number of seconds to wait before giving up.
default: 120
extends_documentation_fragment: aws extends_documentation_fragment: aws
''' '''
@ -51,12 +63,24 @@ tasks:
region: us-east-1 region: us-east-1
key_file: "~/aws-creds/my_protected_test_key.pem" key_file: "~/aws-creds/my_protected_test_key.pem"
key_passphrase: "secret" key_passphrase: "secret"
# Example of waiting for a password
tasks:
- name: get the Administrator password
ec2_win_password:
profile: my-boto-profile
instance_id: i-XXXXXX
region: us-east-1
key_file: "~/aws-creds/my_test_key.pem"
wait: yes
wait_timeout: 45
''' '''
from base64 import b64decode from base64 import b64decode
from os.path import expanduser from os.path import expanduser
from Crypto.Cipher import PKCS1_v1_5 from Crypto.Cipher import PKCS1_v1_5
from Crypto.PublicKey import RSA from Crypto.PublicKey import RSA
import datetime
try: try:
import boto.ec2 import boto.ec2
@ -70,6 +94,8 @@ def main():
instance_id = dict(required=True), instance_id = dict(required=True),
key_file = dict(required=True), key_file = dict(required=True),
key_passphrase = dict(default=None), key_passphrase = dict(default=None),
wait = dict(type='bool', default=False),
wait_timeout = dict(default=120),
) )
) )
module = AnsibleModule(argument_spec=argument_spec) module = AnsibleModule(argument_spec=argument_spec)
@ -80,11 +106,28 @@ def main():
instance_id = module.params.get('instance_id') instance_id = module.params.get('instance_id')
key_file = expanduser(module.params.get('key_file')) key_file = expanduser(module.params.get('key_file'))
key_passphrase = module.params.get('key_passphrase') key_passphrase = module.params.get('key_passphrase')
wait = module.params.get('wait')
wait_timeout = int(module.params.get('wait_timeout'))
ec2 = ec2_connect(module) ec2 = ec2_connect(module)
data = ec2.get_password_data(instance_id) if wait:
decoded = b64decode(data) start = datetime.datetime.now()
end = start + datetime.timedelta(seconds=wait_timeout)
while datetime.datetime.now() < end:
data = ec2.get_password_data(instance_id)
decoded = b64decode(data)
if wait and not decoded:
time.sleep(5)
else:
break
else:
data = ec2.get_password_data(instance_id)
decoded = b64decode(data)
if wait and datetime.datetime.now() >= end:
module.fail_json(msg = "wait for password timeout after %d seconds" % wait_timeout)
f = open(key_file, 'r') f = open(key_file, 'r')
key = RSA.importKey(f.read(), key_passphrase) key = RSA.importKey(f.read(), key_passphrase)
@ -92,14 +135,18 @@ def main():
sentinel = 'password decryption failed!!!' sentinel = 'password decryption failed!!!'
try: try:
decrypted = cipher.decrypt(decoded, sentinel) decrypted = cipher.decrypt(decoded, sentinel)
except ValueError as e: except ValueError as e:
decrypted = None decrypted = None
if decrypted == None: if decrypted == None:
module.exit_json(win_password='', changed=False) module.exit_json(win_password='', changed=False)
else: else:
module.exit_json(win_password=decrypted, changed=True) if wait:
elapsed = datetime.datetime.now() - start
module.exit_json(win_password=decrypted, changed=True, elapsed=elapsed.seconds)
else:
module.exit_json(win_password=decrypted, changed=True)
# import module snippets # import module snippets
from ansible.module_utils.basic import * from ansible.module_utils.basic import *