mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
vars_prompt encrypt from mgw
This commit is contained in:
parent
a7cd16a016
commit
d1f821361d
4 changed files with 67 additions and 8 deletions
|
@ -33,6 +33,14 @@
|
||||||
prompt: "Product release version"
|
prompt: "Product release version"
|
||||||
private: False
|
private: False
|
||||||
|
|
||||||
|
- name: "my_password2"
|
||||||
|
prompt: "Enter password2"
|
||||||
|
private: True
|
||||||
|
encrypt: "md5_crypt"
|
||||||
|
confirm: True
|
||||||
|
salt_size: 7
|
||||||
|
salt: "foo"
|
||||||
|
|
||||||
# this is just a simple example to show that vars_prompt works, but
|
# this is just a simple example to show that vars_prompt works, but
|
||||||
# you might ask for a tag to use with the git module or perhaps
|
# you might ask for a tag to use with the git module or perhaps
|
||||||
# a package version to use with the yum module.
|
# a package version to use with the yum module.
|
||||||
|
|
|
@ -380,15 +380,32 @@ class PlaybookCallbacks(object):
|
||||||
msg = "NOTIFIED: [%s]" % name
|
msg = "NOTIFIED: [%s]" % name
|
||||||
print banner(msg)
|
print banner(msg)
|
||||||
|
|
||||||
def on_vars_prompt(self, varname, private=True, prompt=None):
|
def on_vars_prompt(self, varname, private=True, prompt=None, encrypt=None, confirm=False, salt_size=None, salt=None):
|
||||||
|
|
||||||
if prompt:
|
if prompt:
|
||||||
msg = prompt
|
msg = prompt
|
||||||
else:
|
else:
|
||||||
msg = 'input for %s: ' % varname
|
msg = 'input for %s: ' % varname
|
||||||
if private:
|
|
||||||
return getpass.getpass(msg)
|
def prompt(prompt, private):
|
||||||
return raw_input(msg)
|
if private:
|
||||||
|
return getpass.getpass(prompt)
|
||||||
|
return raw_input(prompt)
|
||||||
|
|
||||||
|
|
||||||
|
if confirm:
|
||||||
|
while True:
|
||||||
|
result = prompt(msg, private)
|
||||||
|
second = prompt("confirm " + msg, private)
|
||||||
|
if result == second: break
|
||||||
|
print "***** VALUES ENTERED DO NOT MATCH ****"
|
||||||
|
else:
|
||||||
|
result = prompt(msg, private)
|
||||||
|
|
||||||
|
if encrypt:
|
||||||
|
result = utils.do_encrypt(result,encrypt,salt_size,salt)
|
||||||
|
|
||||||
|
return result
|
||||||
|
|
||||||
def on_setup(self):
|
def on_setup(self):
|
||||||
|
|
||||||
|
|
|
@ -159,14 +159,23 @@ class Play(object):
|
||||||
for var in self.vars_prompt:
|
for var in self.vars_prompt:
|
||||||
if not 'name' in var:
|
if not 'name' in var:
|
||||||
raise errors.AnsibleError("'vars_prompt' item is missing 'name:'")
|
raise errors.AnsibleError("'vars_prompt' item is missing 'name:'")
|
||||||
|
|
||||||
vname = var['name']
|
vname = var['name']
|
||||||
prompt = "%s: " % var.get("prompt", vname)
|
prompt = "%s: " % var.get("prompt", vname)
|
||||||
private = var.get("private", True)
|
private = var.get("private", True)
|
||||||
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt)
|
|
||||||
|
confirm = var.get("confirm", False)
|
||||||
|
encrypt = var.get("encrypt", None)
|
||||||
|
salt_size = var.get("salt_size", None)
|
||||||
|
salt = var.get("salt", None)
|
||||||
|
|
||||||
|
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt,encrypt, confirm, salt_size, salt)
|
||||||
|
|
||||||
elif type(self.vars_prompt) == dict:
|
elif type(self.vars_prompt) == dict:
|
||||||
for (vname, prompt) in self.vars_prompt.iteritems():
|
for (vname, prompt) in self.vars_prompt.iteritems():
|
||||||
prompt = "%s: " % prompt
|
prompt_msg = "%s: " % prompt
|
||||||
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, False, prompt)
|
vars[vname] = self.playbook.callbacks.on_vars_prompt(varname=vname, private=False, prompt=prompt_msg)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
raise errors.AnsibleError("'vars_prompt' section is malformed, see docs")
|
raise errors.AnsibleError("'vars_prompt' section is malformed, see docs")
|
||||||
|
|
||||||
|
|
|
@ -42,6 +42,15 @@ try:
|
||||||
except ImportError:
|
except ImportError:
|
||||||
from md5 import md5 as _md5
|
from md5 import md5 as _md5
|
||||||
|
|
||||||
|
# vars_prompt_encrypt
|
||||||
|
PASSLIB_AVAILABLE = False
|
||||||
|
|
||||||
|
try:
|
||||||
|
import passlib.hash
|
||||||
|
PASSLIB_AVAILABLE = True
|
||||||
|
except:
|
||||||
|
pass
|
||||||
|
|
||||||
###############################################################
|
###############################################################
|
||||||
# UTILITY FUNCTIONS FOR COMMAND LINE TOOLS
|
# UTILITY FUNCTIONS FOR COMMAND LINE TOOLS
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -383,5 +392,21 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, asyn
|
||||||
|
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
|
def do_encrypt(result, encrypt, salt_size=None, salt=None):
|
||||||
|
if PASSLIB_AVAILABLE:
|
||||||
|
try:
|
||||||
|
crypt = getattr(passlib.hash, encrypt)
|
||||||
|
except:
|
||||||
|
raise errors.AnsibleError("passlib does not support '%s' algorithm" % encrypt)
|
||||||
|
|
||||||
|
if salt_size:
|
||||||
|
result = crypt.encrypt(result, salt_size=salt_size)
|
||||||
|
elif salt:
|
||||||
|
result = crypt.encrypt(result, salt=salt)
|
||||||
|
else:
|
||||||
|
result = crypt.encrypt(result)
|
||||||
|
else:
|
||||||
|
raise errors.AnsibleError("passlib must be installed to encrypt vars_prompt values")
|
||||||
|
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue