From f12c6e0946ce0f8bd31ffed48cb8fcf1961024af Mon Sep 17 00:00:00 2001 From: Brian Coca Date: Wed, 20 Sep 2017 14:53:25 -0400 Subject: [PATCH] moved from eval to templating + literal_eval --- lib/ansible/config/base.yml | 4 ++-- lib/ansible/config/manager.py | 13 ++----------- lib/ansible/constants.py | 23 +++++++++++++++-------- 3 files changed, 19 insertions(+), 21 deletions(-) diff --git a/lib/ansible/config/base.yml b/lib/ansible/config/base.yml index 1b016d79d0..504b17ce5b 100644 --- a/lib/ansible/config/base.yml +++ b/lib/ansible/config/base.yml @@ -723,7 +723,7 @@ DEFAULT_MODULE_COMPRESSION: # - name: ansible_module_compression DEFAULT_MODULE_LANG: name: Target language environment - default: eval(os.getenv('LANG', 'en_US.UTF-8')) + default: "{{CONTROLER_LANG}}" description: "Language locale setting to use for modules when they execute on the target, if empty it defaults to 'en_US.UTF-8'" env: [{name: ANSIBLE_MODULE_LANG}] ini: @@ -1255,7 +1255,7 @@ INVENTORY_ENABLED: type: list INVENTORY_IGNORE_EXTS: name: Inventory ignore extensions - default: eval(BLACKLIST_EXTS + ( '~', '.orig', '.ini', '.cfg', '.retry')) + default: "{{(BLACKLIST_EXTS + ( '~', '.orig', '.ini', '.cfg', '.retry'))}}" description: List of extensions to ignore when using a directory as an inventory source env: [{name: ANSIBLE_INVENTORY_IGNORE}] ini: diff --git a/lib/ansible/config/manager.py b/lib/ansible/config/manager.py index 860d1dfd2a..46024a3404 100644 --- a/lib/ansible/config/manager.py +++ b/lib/ansible/config/manager.py @@ -317,18 +317,9 @@ class ConfigManager(object): if value is None: value = defs[config].get('default') origin = 'default' - # FIXME: moved eval to constants as this does not have access to previous vars - if plugin_type is None and isinstance(value, string_types) and (value.startswith('eval(') and value.endswith(')')): + # skip typing as this is a temlated default that will be resolved later in constants, which has needed vars + if plugin_type is None and isinstance(value, string_types) and (value.startswith('{{') and value.endswith('}}')): return value, origin - #default_value = defs[config].get('default') - #if plugin_type is None and isinstance(default_value, string_types) and (default_value.startswith('eval(') and default_value.endswith(')')): - # try: - # eval_string = default_value.replace('eval(', '', 1)[:-1] - # value = eval(eval_string) # FIXME: safe eval? - # except: - # value = default_value - #else: - # value = default_value # ensure correct type try: diff --git a/lib/ansible/constants.py b/lib/ansible/constants.py index 744b67f63c..049febd2c9 100644 --- a/lib/ansible/constants.py +++ b/lib/ansible/constants.py @@ -7,6 +7,9 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type import os # used to set lang and for backwards compat get_config + +from ast import literal_eval +from jinja2 import Template from string import ascii_letters, digits from ansible.module_utils._text import to_text @@ -57,7 +60,6 @@ def set_constant(name, value, export=vars()): ### CONSTANTS ### yes, actual ones -BLACKLIST_EXTS = ('.pyc', '.pyo', '.swp', '.bak', '~', '.rpm', '.md', '.txt') BECOME_METHODS = ['sudo', 'su', 'pbrun', 'pfexec', 'doas', 'dzdo', 'ksu', 'runas', 'pmrun'] BECOME_ERROR_STRINGS = { 'sudo': 'Sorry, try again.', @@ -79,7 +81,9 @@ BECOME_MISSING_STRINGS = { 'ksu': 'No password given', 'pmrun': '' } # FIXME: deal with i18n +BLACKLIST_EXTS = ('.pyc', '.pyo', '.swp', '.bak', '~', '.rpm', '.md', '.txt') BOOL_TRUE = BOOLEANS_TRUE +CONTROLER_LANG = os.getenv('LANG', 'en_US.UTF-8') DEFAULT_BECOME_PASS = None DEFAULT_PASSWORD_CHARS = to_text(ascii_letters + digits + ".,:-_", errors='strict') # characters included in auto-generated passwords DEFAULT_SUDO_PASS = None @@ -105,13 +109,16 @@ for setting in config.data.get_settings(): value = setting.value if setting.origin == 'default' and \ isinstance(setting.value, string_types) and \ - (setting.value.startswith('eval(') and setting.value.endswith(')')): + (setting.value.startswith('{{') and setting.value.endswith('}}')): try: - # FIXME: find better way to do in manager class and/or ensure types - eval_string = setting.value.replace('eval(', '', 1)[:-1] - value = ensure_type(eval(eval_string), setting.type) # FIXME: safe eval? + t = Template(setting.value) + value = t.render(vars()) + try: + value = literal_eval(value) + except ValueError: + pass # not a python data structure except: - # FIXME: should we warn? - pass + pass # not templatable + value = ensure_type(value, setting.name) - set_constant(setting.name, value or setting.value) + set_constant(setting.name, value)