ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

win_copy: added decrypt option (#31291)

Browse source
This commit is contained in:
Jordan Borean 2017-10-10 08:21:25 +10:00 committed by GitHub
parent 1353aae456
commit f2bc89a880
3 changed files with 77 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/ansible/modules/windows/win_copy.py
View file

@ -28,6 +28,12 @@ options:
specified value. This is for simple values, for anything complex or with specified value. This is for simple values, for anything complex or with
formatting please switch to the template module. formatting please switch to the template module.
version_added: "2.3" version_added: "2.3"
decrypt:
description:
- This option controls the autodecryption of source files using vault.
type: bool
default: 'yes'
version_added: "2.5"
dest: dest:
description: description:
- Remote absolute path where the file should be copied to. If src is a - Remote absolute path where the file should be copied to. If src is a

12
lib/ansible/plugins/action/win_copy.py
View file

@ -22,7 +22,7 @@ from ansible.plugins.action import ActionBase
from ansible.utils.hashing import checksum from ansible.utils.hashing import checksum
def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slash_detector=None, checksum_check=False): def _walk_dirs(topdir, loader, decrypt=True, base_path=None, local_follow=False, trailing_slash_detector=None, checksum_check=False):
""" """
Walk a filesystem tree returning enough information to copy the files. Walk a filesystem tree returning enough information to copy the files.
This is similar to the _walk_dirs function in ``copy.py`` but returns This is similar to the _walk_dirs function in ``copy.py`` but returns
@ -31,6 +31,7 @@ def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slas
:arg topdir: The directory that the filesystem tree is rooted at :arg topdir: The directory that the filesystem tree is rooted at
:arg loader: The self._loader object from ActionBase :arg loader: The self._loader object from ActionBase
:kwarg decrypt: Whether to decrypt a file encrypted with ansible-vault
:kwarg base_path: The initial directory structure to strip off of the :kwarg base_path: The initial directory structure to strip off of the
files for the destination directory. If this is None (the default), files for the destination directory. If this is None (the default),
the base_path is set to ``top_dir``. the base_path is set to ``top_dir``.
@ -101,7 +102,7 @@ def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slas
if os.path.islink(filepath): if os.path.islink(filepath):
# Dereference the symlnk # Dereference the symlnk
real_file = loader.get_real_file(os.path.realpath(filepath), decrypt=True) real_file = loader.get_real_file(os.path.realpath(filepath), decrypt=decrypt)
if local_follow and os.path.isfile(real_file): if local_follow and os.path.isfile(real_file):
# Add the file pointed to by the symlink # Add the file pointed to by the symlink
r_files['files'].append( r_files['files'].append(
@ -116,7 +117,7 @@ def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slas
r_files['symlinks'].append({"src": os.readlink(filepath), "dest": dest_filepath}) r_files['symlinks'].append({"src": os.readlink(filepath), "dest": dest_filepath})
else: else:
# Just a normal file # Just a normal file
real_file = loader.get_real_file(filepath, decrypt=True) real_file = loader.get_real_file(filepath, decrypt=decrypt)
r_files['files'].append( r_files['files'].append(
{ {
"src": real_file, "src": real_file,
@ -340,6 +341,7 @@ class ActionModule(ActionBase):
remote_src = boolean(self._task.args.get('remote_src', False), strict=False) remote_src = boolean(self._task.args.get('remote_src', False), strict=False)
local_follow = boolean(self._task.args.get('local_follow', False), strict=False) local_follow = boolean(self._task.args.get('local_follow', False), strict=False)
force = boolean(self._task.args.get('force', True), strict=False) force = boolean(self._task.args.get('force', True), strict=False)
decrypt = boolean(self._task.args.get('decrypt', True), strict=False)
result['src'] = source result['src'] = source
result['dest'] = dest result['dest'] = dest
@ -414,7 +416,7 @@ class ActionModule(ActionBase):
result['operation'] = 'folder_copy' result['operation'] = 'folder_copy'
# Get a list of the files we want to replicate on the remote side # Get a list of the files we want to replicate on the remote side
source_files = _walk_dirs(source, self._loader, local_follow=local_follow, source_files = _walk_dirs(source, self._loader, decrypt=decrypt, local_follow=local_follow,
trailing_slash_detector=self._connection._shell.path_has_trailing_slash, trailing_slash_detector=self._connection._shell.path_has_trailing_slash,
checksum_check=force) checksum_check=force)
@ -430,7 +432,7 @@ class ActionModule(ActionBase):
# If the local file does not exist, get_real_file() raises AnsibleFileNotFound # If the local file does not exist, get_real_file() raises AnsibleFileNotFound
try: try:
source_full = self._loader.get_real_file(source, decrypt=True) source_full = self._loader.get_real_file(source, decrypt=decrypt)
except AnsibleFileNotFound as e: except AnsibleFileNotFound as e:
result['failed'] = True result['failed'] = True
result['msg'] = "could not find src=%s, %s" % (source_full, to_text(e)) result['msg'] = "could not find src=%s, %s" % (source_full, to_text(e))

64
test/integration/targets/win_copy/tasks/tests.yml
View file

@ -443,6 +443,70 @@
state: absent state: absent
delegate_to: localhost delegate_to: localhost
- name: copy an encrypted file without decrypting
win_copy:
src: '{{role_path}}/files-different/vault/vault-file'
dest: '{{test_win_copy_path}}\vault-file'
decrypt: no
register: copy_encrypted_file
- name: get stat of copied encrypted file without decrypting
win_stat:
path: '{{test_win_copy_path}}\vault-file'
register: copy_encrypted_file_result
- name: assert result of copy an encrypted file without decrypting
assert:
that:
- copy_encrypted_file|changed
- copy_encrypted_file_result.stat.checksum == "74a89620002d253f38834ee5b06cddd28956a43d"
- name: copy an encrypted file without decrypting (idempotent)
win_copy:
src: '{{role_path}}/files-different/vault/vault-file'
dest: '{{test_win_copy_path}}\vault-file'
decrypt: no
register: copy_encrypted_file_again
- name: assert result of copy an encrypted file without decrypting (idempotent)
assert:
that:
- not copy_encrypted_file_again|changed
- name: copy folder with encrypted files without decrypting
win_copy:
src: '{{role_path}}/files-different/vault/'
dest: '{{test_win_copy_path}}\encrypted-test'
decrypt: no
register: copy_encrypted_file
- name: get result of copy folder with encrypted files without decrypting
win_find:
paths: '{{test_win_copy_path}}\encrypted-test'
recurse: yes
patterns: '*vault*'
register: copy_encrypted_file_result
- name: assert result of copy folder with encrypted files without decrypting
assert:
that:
- copy_encrypted_file|changed
- copy_encrypted_file_result.files|count == 2
- copy_encrypted_file_result.files[0].checksum == "834563c94127730ecfa42dfc1e1821bbda2e51da"
- copy_encrypted_file_result.files[1].checksum == "74a89620002d253f38834ee5b06cddd28956a43d"
- name: copy folder with encrypted files without decrypting (idempotent)
win_copy:
src: '{{role_path}}/files-different/vault/'
dest: '{{test_win_copy_path}}\encrypted-test'
decrypt: no
register: copy_encrypted_file_again
- name: assert result of copy folder with encrypted files without decrypting (idempotent)
assert:
that:
- not copy_encrypted_file_again|changed
- name: remove test folder after local to remote tests - name: remove test folder after local to remote tests
win_file: win_file:
path: '{{test_win_copy_path}}' path: '{{test_win_copy_path}}'