mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Fix ansible_sudo_pass inventory variable so that it overrides setting of sudo password from the command line
This commit is contained in:
parent
6824f3a7cc
commit
ed9e164b80
2 changed files with 157 additions and 6 deletions
|
@ -361,7 +361,6 @@ class PlayContext(Base):
|
||||||
if exe_var in variables:
|
if exe_var in variables:
|
||||||
setattr(new_info, 'executable', variables.get(exe_var))
|
setattr(new_info, 'executable', variables.get(exe_var))
|
||||||
|
|
||||||
|
|
||||||
attrs_considered = []
|
attrs_considered = []
|
||||||
for (attr, variable_names) in iteritems(MAGIC_VARIABLE_MAPPING):
|
for (attr, variable_names) in iteritems(MAGIC_VARIABLE_MAPPING):
|
||||||
for variable_name in variable_names:
|
for variable_name in variable_names:
|
||||||
|
@ -377,17 +376,34 @@ class PlayContext(Base):
|
||||||
attrs_considered.append(attr)
|
attrs_considered.append(attr)
|
||||||
# no else, as no other vars should be considered
|
# no else, as no other vars should be considered
|
||||||
|
|
||||||
# make sure we get port defaults if needed
|
# become legacy updates -- from commandline
|
||||||
if new_info.port is None and C.DEFAULT_REMOTE_PORT is not None:
|
|
||||||
new_info.port = int(C.DEFAULT_REMOTE_PORT)
|
|
||||||
|
|
||||||
# become legacy updates
|
|
||||||
if not new_info.become_pass:
|
if not new_info.become_pass:
|
||||||
if new_info.become_method == 'sudo' and new_info.sudo_pass:
|
if new_info.become_method == 'sudo' and new_info.sudo_pass:
|
||||||
setattr(new_info, 'become_pass', new_info.sudo_pass)
|
setattr(new_info, 'become_pass', new_info.sudo_pass)
|
||||||
elif new_info.become_method == 'su' and new_info.su_pass:
|
elif new_info.become_method == 'su' and new_info.su_pass:
|
||||||
setattr(new_info, 'become_pass', new_info.su_pass)
|
setattr(new_info, 'become_pass', new_info.su_pass)
|
||||||
|
|
||||||
|
# become legacy updates -- from inventory file (inventory overrides
|
||||||
|
# commandline)
|
||||||
|
for become_pass_name in MAGIC_VARIABLE_MAPPING.get('become_pass'):
|
||||||
|
if become_pass_name in variables:
|
||||||
|
break
|
||||||
|
else: # This is a for-else
|
||||||
|
if new_info.become_method == 'sudo':
|
||||||
|
for sudo_pass_name in MAGIC_VARIABLE_MAPPING.get('sudo_pass'):
|
||||||
|
if sudo_pass_name in variables:
|
||||||
|
setattr(new_info, 'become_pass', variables[sudo_pass_name])
|
||||||
|
break
|
||||||
|
if new_info.become_method == 'sudo':
|
||||||
|
for su_pass_name in MAGIC_VARIABLE_MAPPING.get('su_pass'):
|
||||||
|
if su_pass_name in variables:
|
||||||
|
setattr(new_info, 'become_pass', variables[su_pass_name])
|
||||||
|
break
|
||||||
|
|
||||||
|
# make sure we get port defaults if needed
|
||||||
|
if new_info.port is None and C.DEFAULT_REMOTE_PORT is not None:
|
||||||
|
new_info.port = int(C.DEFAULT_REMOTE_PORT)
|
||||||
|
|
||||||
# special overrides for the connection setting
|
# special overrides for the connection setting
|
||||||
if len(delegated_vars) > 0:
|
if len(delegated_vars) > 0:
|
||||||
# in the event that we were using local before make sure to reset the
|
# in the event that we were using local before make sure to reset the
|
||||||
|
|
|
@ -166,3 +166,138 @@ class TestPlayContext(unittest.TestCase):
|
||||||
play_context.become_method = 'bad'
|
play_context.become_method = 'bad'
|
||||||
self.assertRaises(AnsibleError, play_context.make_become_cmd, cmd=default_cmd, executable="/bin/bash")
|
self.assertRaises(AnsibleError, play_context.make_become_cmd, cmd=default_cmd, executable="/bin/bash")
|
||||||
|
|
||||||
|
class TestTaskAndVariableOverrride(unittest.TestCase):
|
||||||
|
|
||||||
|
inventory_vars = (
|
||||||
|
('preferred_names',
|
||||||
|
dict(ansible_connection='local',
|
||||||
|
ansible_user='ansibull',
|
||||||
|
ansible_become_user='ansibull',
|
||||||
|
ansible_become_method='su',
|
||||||
|
ansible_become_pass='ansibullwuzhere',),
|
||||||
|
dict(connection='local',
|
||||||
|
remote_user='ansibull',
|
||||||
|
become_user='ansibull',
|
||||||
|
become_method='su',
|
||||||
|
become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
('alternate_names',
|
||||||
|
dict(ansible_become_password='ansibullwuzhere',),
|
||||||
|
dict(become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
('deprecated_names',
|
||||||
|
dict(ansible_ssh_user='ansibull',
|
||||||
|
ansible_sudo_user='ansibull',
|
||||||
|
ansible_sudo_pass='ansibullwuzhere',),
|
||||||
|
dict(remote_user='ansibull',
|
||||||
|
become_method='sudo',
|
||||||
|
become_user='ansibull',
|
||||||
|
become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
('deprecated_names2',
|
||||||
|
dict(ansible_ssh_user='ansibull',
|
||||||
|
ansible_su_user='ansibull',
|
||||||
|
ansible_su_pass='ansibullwuzhere',),
|
||||||
|
dict(remote_user='ansibull',
|
||||||
|
become_method='su',
|
||||||
|
become_user='ansibull',
|
||||||
|
become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
('deprecated_alt_names',
|
||||||
|
dict(ansible_sudo_password='ansibullwuzhere',),
|
||||||
|
dict(become_method='sudo',
|
||||||
|
become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
('deprecated_alt_names2',
|
||||||
|
dict(ansible_su_password='ansibullwuzhere',),
|
||||||
|
dict(become_method='su',
|
||||||
|
become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
('deprecated_and_preferred_names',
|
||||||
|
dict(ansible_user='ansibull',
|
||||||
|
ansible_ssh_user='badbull',
|
||||||
|
ansible_become_user='ansibull',
|
||||||
|
ansible_sudo_user='badbull',
|
||||||
|
ansible_become_method='su',
|
||||||
|
ansible_become_pass='ansibullwuzhere',
|
||||||
|
ansible_sudo_pass='badbull',
|
||||||
|
),
|
||||||
|
dict(connection='local',
|
||||||
|
remote_user='ansibull',
|
||||||
|
become_user='ansibull',
|
||||||
|
become_method='su',
|
||||||
|
become_pass='ansibullwuzhere',)
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
|
def setUp(self):
|
||||||
|
parser = CLI.base_parser(
|
||||||
|
runas_opts = True,
|
||||||
|
meta_opts = True,
|
||||||
|
runtask_opts = True,
|
||||||
|
vault_opts = True,
|
||||||
|
async_opts = True,
|
||||||
|
connect_opts = True,
|
||||||
|
subset_opts = True,
|
||||||
|
check_opts = True,
|
||||||
|
inventory_opts = True,
|
||||||
|
)
|
||||||
|
|
||||||
|
(options, args) = parser.parse_args(['-vv', '--check'])
|
||||||
|
|
||||||
|
mock_play = MagicMock()
|
||||||
|
mock_play.connection = 'mock'
|
||||||
|
mock_play.remote_user = 'mock'
|
||||||
|
mock_play.port = 1234
|
||||||
|
mock_play.become = True
|
||||||
|
mock_play.become_method = 'mock'
|
||||||
|
mock_play.become_user = 'mockroot'
|
||||||
|
mock_play.no_log = True
|
||||||
|
|
||||||
|
self.play_context = PlayContext(play=mock_play, options=options)
|
||||||
|
|
||||||
|
mock_task = MagicMock()
|
||||||
|
mock_task.connection = mock_play.connection
|
||||||
|
mock_task.remote_user = mock_play.remote_user
|
||||||
|
mock_task.no_log = mock_play.no_log
|
||||||
|
mock_task.become = mock_play.become
|
||||||
|
mock_task.become_method = mock_play.becom_method
|
||||||
|
mock_task.become_user = mock_play.become_user
|
||||||
|
mock_task.become_pass = 'mocktaskpass'
|
||||||
|
mock_task._local_action = False
|
||||||
|
mock_task.delegate_to = None
|
||||||
|
|
||||||
|
self.mock_task = mock_task
|
||||||
|
|
||||||
|
self.mock_templar = MagicMock()
|
||||||
|
|
||||||
|
def tearDown(self):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def _check_vars_overridden(self):
|
||||||
|
self.assertEqual(play_context.connection, 'mock_inventory')
|
||||||
|
self.assertEqual(play_context.remote_user, 'mocktask')
|
||||||
|
self.assertEqual(play_context.port, 4321)
|
||||||
|
self.assertEqual(play_context.no_log, True)
|
||||||
|
self.assertEqual(play_context.become, True)
|
||||||
|
self.assertEqual(play_context.become_method, "mocktask")
|
||||||
|
self.assertEqual(play_context.become_user, "mocktaskroot")
|
||||||
|
self.assertEqual(play_context.become_pass, "mocktaskpass")
|
||||||
|
|
||||||
|
mock_task.no_log = False
|
||||||
|
play_context = play_context.set_task_and_variable_override(task=mock_task, variables=all_vars, templar=mock_templar)
|
||||||
|
self.assertEqual(play_context.no_log, False)
|
||||||
|
|
||||||
|
def test_override_magic_variables(self):
|
||||||
|
play_context = play_context.set_task_and_variable_override(task=self.mock_task, variables=all_vars, templar=self.mock_templar)
|
||||||
|
|
||||||
|
mock_play.connection = 'mock'
|
||||||
|
mock_play.remote_user = 'mock'
|
||||||
|
mock_play.port = 1234
|
||||||
|
mock_play.become_method = 'mock'
|
||||||
|
mock_play.become_user = 'mockroot'
|
||||||
|
mock_task.become_pass = 'mocktaskpass'
|
||||||
|
# Inventory vars override things set from cli vars (--become, -user,
|
||||||
|
# etc... [notably, not --extravars])
|
||||||
|
for test_name, all_vars, expected in self.inventory_vars:
|
||||||
|
yield self._check_vars_overriden, test_name, all_vars, expected
|
||||||
|
|
Loading…
Reference in a new issue