From b6c52ce1158223c14a70882ed7ccf96b10bd01c4 Mon Sep 17 00:00:00 2001 From: James Cammarata Date: Wed, 1 Jul 2015 11:32:44 -0400 Subject: [PATCH] Allow role variables to be optionally kept in a private scope --- examples/ansible.cfg | 5 +++++ lib/ansible/constants.py | 1 + lib/ansible/vars/__init__.py | 6 ++++-- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/examples/ansible.cfg b/examples/ansible.cfg index 3800a9ea46..ac10f62d9e 100644 --- a/examples/ansible.cfg +++ b/examples/ansible.cfg @@ -71,6 +71,11 @@ timeout = 10 # this can also be set to 'merge'. #hash_behaviour = replace +# by default, variables from roles will be visible in the global variable +# scope. To prevent this, the following option can be enabled, and only +# tasks and handlers within the role will see the variables there +#private_role_vars = yes + # list any Jinja2 extensions to enable here: #jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n diff --git a/lib/ansible/constants.py b/lib/ansible/constants.py index db0cabb10f..b291c371b8 100644 --- a/lib/ansible/constants.py +++ b/lib/ansible/constants.py @@ -129,6 +129,7 @@ DEFAULT_MANAGED_STR = get_config(p, DEFAULTS, 'ansible_managed', None, DEFAULT_SYSLOG_FACILITY = get_config(p, DEFAULTS, 'syslog_facility', 'ANSIBLE_SYSLOG_FACILITY', 'LOG_USER') DEFAULT_KEEP_REMOTE_FILES = get_config(p, DEFAULTS, 'keep_remote_files', 'ANSIBLE_KEEP_REMOTE_FILES', False, boolean=True) DEFAULT_HASH_BEHAVIOUR = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_HASH_BEHAVIOUR', 'replace') +DEFAULT_PRIVATE_ROLE_VARS = get_config(p, DEFAULTS, 'private_role_vars', 'ANSIBLE_PRIVATE_ROLE_VARS', False, boolean=True) DEFAULT_JINJA2_EXTENSIONS = get_config(p, DEFAULTS, 'jinja2_extensions', 'ANSIBLE_JINJA2_EXTENSIONS', None) DEFAULT_EXECUTABLE = get_config(p, DEFAULTS, 'executable', 'ANSIBLE_EXECUTABLE', '/bin/sh') DEFAULT_GATHERING = get_config(p, DEFAULTS, 'gathering', 'ANSIBLE_GATHERING', 'implicit').lower() diff --git a/lib/ansible/vars/__init__.py b/lib/ansible/vars/__init__.py index 4e8d6bda3c..6531b6a320 100644 --- a/lib/ansible/vars/__init__.py +++ b/lib/ansible/vars/__init__.py @@ -197,8 +197,10 @@ class VariableManager: # whether or not vars files errors should be fatal at this # stage, or just base it on whether a host was specified? pass - for role in play.get_roles(): - all_vars = self._combine_vars(all_vars, role.get_vars()) + + if not C.DEFAULT_PRIVATE_ROLE_VARS: + for role in play.get_roles(): + all_vars = self._combine_vars(all_vars, role.get_vars()) if host: all_vars = self._combine_vars(all_vars, self._vars_cache.get(host.get_name(), dict()))