1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

vars_prompt encrypt from mgw

This commit is contained in:
Rodney Quillo 2012-08-09 22:56:40 +08:00
parent a7cd16a016
commit d1f821361d
4 changed files with 67 additions and 8 deletions

View file

@ -33,6 +33,14 @@
prompt: "Product release version" prompt: "Product release version"
private: False private: False
- name: "my_password2"
prompt: "Enter password2"
private: True
encrypt: "md5_crypt"
confirm: True
salt_size: 7
salt: "foo"
# this is just a simple example to show that vars_prompt works, but # this is just a simple example to show that vars_prompt works, but
# you might ask for a tag to use with the git module or perhaps # you might ask for a tag to use with the git module or perhaps
# a package version to use with the yum module. # a package version to use with the yum module.

View file

@ -380,15 +380,32 @@ class PlaybookCallbacks(object):
msg = "NOTIFIED: [%s]" % name msg = "NOTIFIED: [%s]" % name
print banner(msg) print banner(msg)
def on_vars_prompt(self, varname, private=True, prompt=None): def on_vars_prompt(self, varname, private=True, prompt=None, encrypt=None, confirm=False, salt_size=None, salt=None):
if prompt: if prompt:
msg = prompt msg = prompt
else: else:
msg = 'input for %s: ' % varname msg = 'input for %s: ' % varname
if private:
return getpass.getpass(msg) def prompt(prompt, private):
return raw_input(msg) if private:
return getpass.getpass(prompt)
return raw_input(prompt)
if confirm:
while True:
result = prompt(msg, private)
second = prompt("confirm " + msg, private)
if result == second: break
print "***** VALUES ENTERED DO NOT MATCH ****"
else:
result = prompt(msg, private)
if encrypt:
result = utils.do_encrypt(result,encrypt,salt_size,salt)
return result
def on_setup(self): def on_setup(self):

View file

@ -159,14 +159,23 @@ class Play(object):
for var in self.vars_prompt: for var in self.vars_prompt:
if not 'name' in var: if not 'name' in var:
raise errors.AnsibleError("'vars_prompt' item is missing 'name:'") raise errors.AnsibleError("'vars_prompt' item is missing 'name:'")
vname = var['name'] vname = var['name']
prompt = "%s: " % var.get("prompt", vname) prompt = "%s: " % var.get("prompt", vname)
private = var.get("private", True) private = var.get("private", True)
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt)
confirm = var.get("confirm", False)
encrypt = var.get("encrypt", None)
salt_size = var.get("salt_size", None)
salt = var.get("salt", None)
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt,encrypt, confirm, salt_size, salt)
elif type(self.vars_prompt) == dict: elif type(self.vars_prompt) == dict:
for (vname, prompt) in self.vars_prompt.iteritems(): for (vname, prompt) in self.vars_prompt.iteritems():
prompt = "%s: " % prompt prompt_msg = "%s: " % prompt
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, False, prompt) vars[vname] = self.playbook.callbacks.on_vars_prompt(varname=vname, private=False, prompt=prompt_msg)
else: else:
raise errors.AnsibleError("'vars_prompt' section is malformed, see docs") raise errors.AnsibleError("'vars_prompt' section is malformed, see docs")

View file

@ -42,6 +42,15 @@ try:
except ImportError: except ImportError:
from md5 import md5 as _md5 from md5 import md5 as _md5
# vars_prompt_encrypt
PASSLIB_AVAILABLE = False
try:
import passlib.hash
PASSLIB_AVAILABLE = True
except:
pass
############################################################### ###############################################################
# UTILITY FUNCTIONS FOR COMMAND LINE TOOLS # UTILITY FUNCTIONS FOR COMMAND LINE TOOLS
############################################################### ###############################################################
@ -383,5 +392,21 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, asyn
return parser return parser
def do_encrypt(result, encrypt, salt_size=None, salt=None):
if PASSLIB_AVAILABLE:
try:
crypt = getattr(passlib.hash, encrypt)
except:
raise errors.AnsibleError("passlib does not support '%s' algorithm" % encrypt)
if salt_size:
result = crypt.encrypt(result, salt_size=salt_size)
elif salt:
result = crypt.encrypt(result, salt=salt)
else:
result = crypt.encrypt(result)
else:
raise errors.AnsibleError("passlib must be installed to encrypt vars_prompt values")
return result