External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-10 10:57:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

Implement https://trello.com/c/Oznsyg2c - Always use ssh-agent to run playbooks whenever an SSH key is provided.

Browse Source
This commit is contained in:
Chris Church
2014-10-23 14:34:38 -04:00
parent 7834bfab70
commit 4eb0ed225b
2 changed files with 8 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
awx/main/tasks.py
View File

@@ -660,12 +660,6 @@ class RunJob(BaseTask):
except ValueError: except ValueError:
pass pass
# If private key isn't encrypted, pass the path on the command line.
ssh_key_path = kwargs.get('private_data_file', '')
use_ssh_agent = bool(creds and creds.has_encrypted_ssh_key_data)
if ssh_key_path and not use_ssh_agent:
args.append('--private-key=%s' % ssh_key_path)
if job.forks: # FIXME: Max limit? if job.forks: # FIXME: Max limit?
args.append('--forks=%d' % job.forks) args.append('--forks=%d' % job.forks)
if job.force_handlers: if job.force_handlers:
@@ -703,8 +697,9 @@ class RunJob(BaseTask):
# Add path to playbook (relative to project.local_path). # Add path to playbook (relative to project.local_path).
args.append(job.playbook) args.append(job.playbook)
# If ssh unlock password is needed, run using ssh-agent. # If using an SSH key, run using ssh-agent.
if ssh_key_path and use_ssh_agent: ssh_key_path = kwargs.get('private_data_file', '')
if ssh_key_path:
args = self.wrap_args_with_ssh_agent(args, ssh_key_path) args = self.wrap_args_with_ssh_agent(args, ssh_key_path)
return args return args

10
awx/main/tests/tasks.py
View File

@@ -459,7 +459,7 @@ class RunJobTest(BaseCeleryTest):
if expect_stdout: if expect_stdout:
self.assertTrue(job.result_stdout) self.assertTrue(job.result_stdout)
else: else:
self.assertFalse(job.result_stdout, self.assertTrue(job.result_stdout in ('', 'stdout capture is missing'),
u'expected no stdout, got:\n%s' % u'expected no stdout, got:\n%s' %
job.result_stdout) job.result_stdout)
if expect_traceback: if expect_traceback:
@@ -925,8 +925,8 @@ class RunJobTest(BaseCeleryTest):
self.assertTrue(job.signal_start()) self.assertTrue(job.signal_start())
job = Job.objects.get(pk=job.pk) job = Job.objects.get(pk=job.pk)
self.check_job_result(job, 'successful') self.check_job_result(job, 'successful')
self.assertTrue('"--private-key=' in job.job_args) self.assertFalse('"--private-key=' in job.job_args)
self.assertFalse('ssh-agent' in job.job_args) self.assertTrue('ssh-agent' in job.job_args)
def test_tag_and_task_options(self): def test_tag_and_task_options(self):
self.create_test_project(TEST_PLAYBOOK_WITH_TAGS) self.create_test_project(TEST_PLAYBOOK_WITH_TAGS)
@@ -1062,8 +1062,8 @@ class RunJobTest(BaseCeleryTest):
self.assertTrue(job.signal_start()) self.assertTrue(job.signal_start())
job = Job.objects.get(pk=job.pk) job = Job.objects.get(pk=job.pk)
self.check_job_result(job, 'successful') self.check_job_result(job, 'successful')
self.assertTrue('"--private-key=' in job.job_args) self.assertFalse('"--private-key=' in job.job_args)
self.assertFalse('ssh-agent' in job.job_args) self.assertTrue('ssh-agent' in job.job_args)
def test_locked_ssh_key_with_password(self): def test_locked_ssh_key_with_password(self):
self.create_test_credential(ssh_key_data=TEST_SSH_KEY_DATA_LOCKED, self.create_test_credential(ssh_key_data=TEST_SSH_KEY_DATA_LOCKED,