From 762e8656c53da69ade439b17c92bc26c8f14609b Mon Sep 17 00:00:00 2001
From: Chris Church <chris@ninemoreminutes.com>
Date: Tue, 1 Apr 2014 20:35:36 -0400
Subject: [PATCH] Use ssh-agent for encrypted ssh_key_data even when
 ssh_key_unlock is empty.

---
 awx/main/tasks.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index 9971293661..43d5074787 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -403,7 +403,9 @@ class RunJob(BaseTask):
                     value = kwargs.get(field, decrypt_field(creds, 'password'))
                 else:
                     value = kwargs.get(field, decrypt_field(creds, field))
-                if value not in ('', 'ASK'):
+                if field == 'ssh_key_unlock' and value != 'ASK':
+                    passwords[field] = value
+                elif value not in ('', 'ASK'):
                     passwords[field] = value
         return passwords
 
@@ -487,7 +489,8 @@ class RunJob(BaseTask):
 
         # If private key isn't encrypted, pass the path on the command line.
         ssh_key_path = kwargs.get('private_data_file', '')
-        use_ssh_agent = bool(kwargs.get('passwords', {}).get('ssh_key_unlock', ''))
+        ssh_key_unlock = kwargs.get('passwords', {}).get('ssh_key_unlock', None)
+        use_ssh_agent = bool(ssh_key_unlock is not None)
         if ssh_key_path and not use_ssh_agent:
             args.append('--private-key=%s' % ssh_key_path)