make fifo a helper for easier testing, fixed proot check

2026-01-11 18:09:57 -03:30 · 2016-04-06 15:18:28 -04:00 · 2016-04-06 15:18:28 -04:00 · 2a3e5dd0c0
commit 2a3e5dd0c0
parent e8b35533e4
1 changed files with 17 additions and 6 deletions
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@ -392,10 +392,9 @@ class BaseTask(Task):
                    data += '\n'
                # For credentials used with ssh-add, write to a named pipe which
                # will be read then closed, instead of leaving the SSH key on disk.
-                if name in ('credential', 'scm_credential', 'ad_hoc_credential') and not ssh_too_old:
+                if name in ('credential', 'network_credential', 'scm_credential', 'ad_hoc_credential') and not ssh_too_old:
                    path = os.path.join(kwargs.get('private_data_dir', tempfile.gettempdir()), name)
-                    os.mkfifo(path, 0600)
-                    thread.start_new_thread(lambda p, d: open(p, 'w').write(d), (path, data))
+                    self.open_fifo_write(path)
                else:
                    handle, path = tempfile.mkstemp(dir=kwargs.get('private_data_dir', None))
                    f = os.fdopen(handle, 'w')
@ -405,6 +404,14 @@ class BaseTask(Task):
                private_data_files[name] = path
        return private_data_files

+    def open_fifo_write(self, path):
+        '''open_fifo_write opens the fifo named pipe in a new thread.
+        This blocks until the the calls to ssh-agent/ssh-add have read the
+        credential information from the pipe.
+        '''
+        os.mkfifo(path, 0600)
+        thread.start_new_thread(lambda p, d: open(p, 'w').write(d), (path, data))
+
    def build_passwords(self, instance, **kwargs):
        '''
        Build a dictionary of passwords for responding to prompts.
@ -435,7 +442,7 @@ class BaseTask(Task):
            env['VIRTUAL_ENV'] = settings.ANSIBLE_VENV_PATH
            env['PATH'] = os.path.join(settings.ANSIBLE_VENV_PATH, "bin") + ":" + env['PATH']
            env['PYTHONPATH'] = os.path.join(settings.ANSIBLE_VENV_PATH, "lib/python2.7/site-packages/") + ":"
-        if self.should_use_proot:
+        if self.should_use_proot(instance, **kwargs):
            env['PROOT_TMP_DIR'] = tower_settings.AWX_PROOT_BASE_PATH
        return env

@ -700,7 +707,6 @@ class RunJob(BaseTask):
        private_data = {}
        # If we were sent SSH credentials, decrypt them and send them
        # back (they will be written to a temporary file).
-
        for cred_name in job_credentials:
            credential = getattr(job, cred_name, None)
            if credential:
@ -949,7 +955,12 @@ class RunJob(BaseTask):
        '''
        If using an SSH key, return the path for use by ssh-agent.
        '''
-        return kwargs.get('private_data_files', {}).get('credential', '')
+        private_data_files = kwargs.get('private_data_files', {})
+        if 'credential' in private_data_files:
+            return private_data_files.get('credential')
+        elif 'network_credential' in private_data_files:
+            return private_data_files.get('network_credential')
+        return ''

    def should_use_proot(self, instance, **kwargs):
        '''