wbrawner/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add host key for ssh url only.

Browse source 
Rewrite function `get_fqdn`.  It returns fqdn for all kinds of urls now.

`add_git_host_key` determines whether a url is ssh and whether its host
key should be added.
This commit is contained in:
Desmond O. Chang 2015-02-14 00:23:36 +08:00 committed by Toshio Kuratomi
parent 66a2f2923e
commit 58c3539196
1 changed files with 25 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
lib/ansible/module_utils/known_hosts.py
View file

@ -40,25 +40,38 @@ def add_git_host_key(module, url, accept_hostkey=True, create_dir=True):
""" idempotently add a git url hostkey """ """ idempotently add a git url hostkey """
fqdn = get_fqdn(url) if is_ssh_url(url):
if fqdn: fqdn = get_fqdn(url)
known_host = check_hostkey(module, fqdn)
if not known_host: if fqdn:
if accept_hostkey: known_host = check_hostkey(module, fqdn)
rc, out, err = add_host_key(module, fqdn, create_dir=create_dir) if not known_host:
if rc != 0: if accept_hostkey:
module.fail_json(msg="failed to add %s hostkey: %s" % (fqdn, out + err)) rc, out, err = add_host_key(module, fqdn, create_dir=create_dir)
else: if rc != 0:
module.fail_json(msg="%s has an unknown hostkey. Set accept_hostkey to True or manually add the hostkey prior to running the git module" % fqdn) module.fail_json(msg="failed to add %s hostkey: %s" % (fqdn, out + err))
else:
module.fail_json(msg="%s has an unknown hostkey. Set accept_hostkey to True or manually add the hostkey prior to running the git module" % fqdn)
def is_ssh_url(url):
""" check if url is ssh """
if "@" in url and "://" not in url:
return True
for scheme in "ssh://", "git+ssh://", "ssh+git://":
if url.startswith(scheme):
return True
return False
def get_fqdn(repo_url): def get_fqdn(repo_url):
""" chop the hostname out of a giturl """ """ chop the hostname out of a url """
result = None result = None
if "@" in repo_url and "://" not in repo_url: if "@" in repo_url and "://" not in repo_url:
# most likely a git@ or ssh+git@ type URL # most likely an user@host:path or user@host/path type URL
repo_url = repo_url.split("@", 1)[1] repo_url = repo_url.split("@", 1)[1]
if ":" in repo_url: if ":" in repo_url:
repo_url = repo_url.split(":")[0] repo_url = repo_url.split(":")[0]
@ -69,9 +82,6 @@ def get_fqdn(repo_url):
elif "://" in repo_url: elif "://" in repo_url:
# this should be something we can parse with urlparse # this should be something we can parse with urlparse
parts = urlparse.urlparse(repo_url) parts = urlparse.urlparse(repo_url)
if 'ssh' not in parts[0] and 'git' not in parts[0]:
# don't try and scan a hostname that's not ssh
return None
# parts[1] will be empty on python2.4 on ssh:// or git:// urls, so # parts[1] will be empty on python2.4 on ssh:// or git:// urls, so
# ensure we actually have a parts[1] before continuing. # ensure we actually have a parts[1] before continuing.
if parts[1] != '': if parts[1] != '':