vars_prompt encrypt from mgw

This commit is contained in:
Rodney Quillo 2012-08-09 22:56:40 +08:00
parent a7cd16a016
commit d1f821361d
4 changed files with 67 additions and 8 deletions

View file

@ -32,6 +32,14 @@
- name: "release_version"
prompt: "Product release version"
private: False
- name: "my_password2"
prompt: "Enter password2"
private: True
encrypt: "md5_crypt"
confirm: True
salt_size: 7
salt: "foo"
# this is just a simple example to show that vars_prompt works, but
# you might ask for a tag to use with the git module or perhaps

View file

@ -380,15 +380,32 @@ class PlaybookCallbacks(object):
msg = "NOTIFIED: [%s]" % name
print banner(msg)
def on_vars_prompt(self, varname, private=True, prompt=None):
def on_vars_prompt(self, varname, private=True, prompt=None, encrypt=None, confirm=False, salt_size=None, salt=None):
if prompt:
msg = prompt
else:
msg = 'input for %s: ' % varname
if private:
return getpass.getpass(msg)
return raw_input(msg)
def prompt(prompt, private):
if private:
return getpass.getpass(prompt)
return raw_input(prompt)
if confirm:
while True:
result = prompt(msg, private)
second = prompt("confirm " + msg, private)
if result == second: break
print "***** VALUES ENTERED DO NOT MATCH ****"
else:
result = prompt(msg, private)
if encrypt:
result = utils.do_encrypt(result,encrypt,salt_size,salt)
return result
def on_setup(self):

View file

@ -129,7 +129,7 @@ class Play(object):
return self._tasks
def handlers(self):
''' return handler objects for this play '''
''' return handler objects for this play '''
return self._handlers
# *************************************************
@ -159,14 +159,23 @@ class Play(object):
for var in self.vars_prompt:
if not 'name' in var:
raise errors.AnsibleError("'vars_prompt' item is missing 'name:'")
vname = var['name']
prompt = "%s: " % var.get("prompt", vname)
private = var.get("private", True)
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt)
confirm = var.get("confirm", False)
encrypt = var.get("encrypt", None)
salt_size = var.get("salt_size", None)
salt = var.get("salt", None)
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt,encrypt, confirm, salt_size, salt)
elif type(self.vars_prompt) == dict:
for (vname, prompt) in self.vars_prompt.iteritems():
prompt = "%s: " % prompt
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, False, prompt)
prompt_msg = "%s: " % prompt
vars[vname] = self.playbook.callbacks.on_vars_prompt(varname=vname, private=False, prompt=prompt_msg)
else:
raise errors.AnsibleError("'vars_prompt' section is malformed, see docs")

View file

@ -42,6 +42,15 @@ try:
except ImportError:
from md5 import md5 as _md5
# vars_prompt_encrypt
PASSLIB_AVAILABLE = False
try:
import passlib.hash
PASSLIB_AVAILABLE = True
except:
pass
###############################################################
# UTILITY FUNCTIONS FOR COMMAND LINE TOOLS
###############################################################
@ -383,5 +392,21 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, asyn
return parser
def do_encrypt(result, encrypt, salt_size=None, salt=None):
if PASSLIB_AVAILABLE:
try:
crypt = getattr(passlib.hash, encrypt)
except:
raise errors.AnsibleError("passlib does not support '%s' algorithm" % encrypt)
if salt_size:
result = crypt.encrypt(result, salt_size=salt_size)
elif salt:
result = crypt.encrypt(result, salt=salt)
else:
result = crypt.encrypt(result)
else:
raise errors.AnsibleError("passlib must be installed to encrypt vars_prompt values")
return result