mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
win_copy: added decrypt option (#31291)
This commit is contained in:
parent
1353aae456
commit
f2bc89a880
3 changed files with 77 additions and 5 deletions
|
@ -28,6 +28,12 @@ options:
|
||||||
specified value. This is for simple values, for anything complex or with
|
specified value. This is for simple values, for anything complex or with
|
||||||
formatting please switch to the template module.
|
formatting please switch to the template module.
|
||||||
version_added: "2.3"
|
version_added: "2.3"
|
||||||
|
decrypt:
|
||||||
|
description:
|
||||||
|
- This option controls the autodecryption of source files using vault.
|
||||||
|
type: bool
|
||||||
|
default: 'yes'
|
||||||
|
version_added: "2.5"
|
||||||
dest:
|
dest:
|
||||||
description:
|
description:
|
||||||
- Remote absolute path where the file should be copied to. If src is a
|
- Remote absolute path where the file should be copied to. If src is a
|
||||||
|
|
|
@ -22,7 +22,7 @@ from ansible.plugins.action import ActionBase
|
||||||
from ansible.utils.hashing import checksum
|
from ansible.utils.hashing import checksum
|
||||||
|
|
||||||
|
|
||||||
def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slash_detector=None, checksum_check=False):
|
def _walk_dirs(topdir, loader, decrypt=True, base_path=None, local_follow=False, trailing_slash_detector=None, checksum_check=False):
|
||||||
"""
|
"""
|
||||||
Walk a filesystem tree returning enough information to copy the files.
|
Walk a filesystem tree returning enough information to copy the files.
|
||||||
This is similar to the _walk_dirs function in ``copy.py`` but returns
|
This is similar to the _walk_dirs function in ``copy.py`` but returns
|
||||||
|
@ -31,6 +31,7 @@ def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slas
|
||||||
|
|
||||||
:arg topdir: The directory that the filesystem tree is rooted at
|
:arg topdir: The directory that the filesystem tree is rooted at
|
||||||
:arg loader: The self._loader object from ActionBase
|
:arg loader: The self._loader object from ActionBase
|
||||||
|
:kwarg decrypt: Whether to decrypt a file encrypted with ansible-vault
|
||||||
:kwarg base_path: The initial directory structure to strip off of the
|
:kwarg base_path: The initial directory structure to strip off of the
|
||||||
files for the destination directory. If this is None (the default),
|
files for the destination directory. If this is None (the default),
|
||||||
the base_path is set to ``top_dir``.
|
the base_path is set to ``top_dir``.
|
||||||
|
@ -101,7 +102,7 @@ def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slas
|
||||||
|
|
||||||
if os.path.islink(filepath):
|
if os.path.islink(filepath):
|
||||||
# Dereference the symlnk
|
# Dereference the symlnk
|
||||||
real_file = loader.get_real_file(os.path.realpath(filepath), decrypt=True)
|
real_file = loader.get_real_file(os.path.realpath(filepath), decrypt=decrypt)
|
||||||
if local_follow and os.path.isfile(real_file):
|
if local_follow and os.path.isfile(real_file):
|
||||||
# Add the file pointed to by the symlink
|
# Add the file pointed to by the symlink
|
||||||
r_files['files'].append(
|
r_files['files'].append(
|
||||||
|
@ -116,7 +117,7 @@ def _walk_dirs(topdir, loader, base_path=None, local_follow=False, trailing_slas
|
||||||
r_files['symlinks'].append({"src": os.readlink(filepath), "dest": dest_filepath})
|
r_files['symlinks'].append({"src": os.readlink(filepath), "dest": dest_filepath})
|
||||||
else:
|
else:
|
||||||
# Just a normal file
|
# Just a normal file
|
||||||
real_file = loader.get_real_file(filepath, decrypt=True)
|
real_file = loader.get_real_file(filepath, decrypt=decrypt)
|
||||||
r_files['files'].append(
|
r_files['files'].append(
|
||||||
{
|
{
|
||||||
"src": real_file,
|
"src": real_file,
|
||||||
|
@ -340,6 +341,7 @@ class ActionModule(ActionBase):
|
||||||
remote_src = boolean(self._task.args.get('remote_src', False), strict=False)
|
remote_src = boolean(self._task.args.get('remote_src', False), strict=False)
|
||||||
local_follow = boolean(self._task.args.get('local_follow', False), strict=False)
|
local_follow = boolean(self._task.args.get('local_follow', False), strict=False)
|
||||||
force = boolean(self._task.args.get('force', True), strict=False)
|
force = boolean(self._task.args.get('force', True), strict=False)
|
||||||
|
decrypt = boolean(self._task.args.get('decrypt', True), strict=False)
|
||||||
|
|
||||||
result['src'] = source
|
result['src'] = source
|
||||||
result['dest'] = dest
|
result['dest'] = dest
|
||||||
|
@ -414,7 +416,7 @@ class ActionModule(ActionBase):
|
||||||
result['operation'] = 'folder_copy'
|
result['operation'] = 'folder_copy'
|
||||||
|
|
||||||
# Get a list of the files we want to replicate on the remote side
|
# Get a list of the files we want to replicate on the remote side
|
||||||
source_files = _walk_dirs(source, self._loader, local_follow=local_follow,
|
source_files = _walk_dirs(source, self._loader, decrypt=decrypt, local_follow=local_follow,
|
||||||
trailing_slash_detector=self._connection._shell.path_has_trailing_slash,
|
trailing_slash_detector=self._connection._shell.path_has_trailing_slash,
|
||||||
checksum_check=force)
|
checksum_check=force)
|
||||||
|
|
||||||
|
@ -430,7 +432,7 @@ class ActionModule(ActionBase):
|
||||||
|
|
||||||
# If the local file does not exist, get_real_file() raises AnsibleFileNotFound
|
# If the local file does not exist, get_real_file() raises AnsibleFileNotFound
|
||||||
try:
|
try:
|
||||||
source_full = self._loader.get_real_file(source, decrypt=True)
|
source_full = self._loader.get_real_file(source, decrypt=decrypt)
|
||||||
except AnsibleFileNotFound as e:
|
except AnsibleFileNotFound as e:
|
||||||
result['failed'] = True
|
result['failed'] = True
|
||||||
result['msg'] = "could not find src=%s, %s" % (source_full, to_text(e))
|
result['msg'] = "could not find src=%s, %s" % (source_full, to_text(e))
|
||||||
|
|
|
@ -443,6 +443,70 @@
|
||||||
state: absent
|
state: absent
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
|
|
||||||
|
- name: copy an encrypted file without decrypting
|
||||||
|
win_copy:
|
||||||
|
src: '{{role_path}}/files-different/vault/vault-file'
|
||||||
|
dest: '{{test_win_copy_path}}\vault-file'
|
||||||
|
decrypt: no
|
||||||
|
register: copy_encrypted_file
|
||||||
|
|
||||||
|
- name: get stat of copied encrypted file without decrypting
|
||||||
|
win_stat:
|
||||||
|
path: '{{test_win_copy_path}}\vault-file'
|
||||||
|
register: copy_encrypted_file_result
|
||||||
|
|
||||||
|
- name: assert result of copy an encrypted file without decrypting
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- copy_encrypted_file|changed
|
||||||
|
- copy_encrypted_file_result.stat.checksum == "74a89620002d253f38834ee5b06cddd28956a43d"
|
||||||
|
|
||||||
|
- name: copy an encrypted file without decrypting (idempotent)
|
||||||
|
win_copy:
|
||||||
|
src: '{{role_path}}/files-different/vault/vault-file'
|
||||||
|
dest: '{{test_win_copy_path}}\vault-file'
|
||||||
|
decrypt: no
|
||||||
|
register: copy_encrypted_file_again
|
||||||
|
|
||||||
|
- name: assert result of copy an encrypted file without decrypting (idempotent)
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- not copy_encrypted_file_again|changed
|
||||||
|
|
||||||
|
- name: copy folder with encrypted files without decrypting
|
||||||
|
win_copy:
|
||||||
|
src: '{{role_path}}/files-different/vault/'
|
||||||
|
dest: '{{test_win_copy_path}}\encrypted-test'
|
||||||
|
decrypt: no
|
||||||
|
register: copy_encrypted_file
|
||||||
|
|
||||||
|
- name: get result of copy folder with encrypted files without decrypting
|
||||||
|
win_find:
|
||||||
|
paths: '{{test_win_copy_path}}\encrypted-test'
|
||||||
|
recurse: yes
|
||||||
|
patterns: '*vault*'
|
||||||
|
register: copy_encrypted_file_result
|
||||||
|
|
||||||
|
- name: assert result of copy folder with encrypted files without decrypting
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- copy_encrypted_file|changed
|
||||||
|
- copy_encrypted_file_result.files|count == 2
|
||||||
|
- copy_encrypted_file_result.files[0].checksum == "834563c94127730ecfa42dfc1e1821bbda2e51da"
|
||||||
|
- copy_encrypted_file_result.files[1].checksum == "74a89620002d253f38834ee5b06cddd28956a43d"
|
||||||
|
|
||||||
|
- name: copy folder with encrypted files without decrypting (idempotent)
|
||||||
|
win_copy:
|
||||||
|
src: '{{role_path}}/files-different/vault/'
|
||||||
|
dest: '{{test_win_copy_path}}\encrypted-test'
|
||||||
|
decrypt: no
|
||||||
|
register: copy_encrypted_file_again
|
||||||
|
|
||||||
|
- name: assert result of copy folder with encrypted files without decrypting (idempotent)
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- not copy_encrypted_file_again|changed
|
||||||
|
|
||||||
- name: remove test folder after local to remote tests
|
- name: remove test folder after local to remote tests
|
||||||
win_file:
|
win_file:
|
||||||
path: '{{test_win_copy_path}}'
|
path: '{{test_win_copy_path}}'
|
||||||
|
|
Loading…
Reference in a new issue