Pass connection info via ansible config file

Pass the name of the remote user and the path to the private key to
ansible via the generated configuration file. This allows to re-use the
same connection info for nested ansible calls.

The other options, which affect how ansible runs the playbooks, should
remain on the command line.

Change-Id: Ic3be4f7e9fb52ac95b20ebbbc2f2d538a1fc80e6
This commit is contained in:
Martin André 2018-03-20 13:24:56 +01:00
parent 1c01c9b460
commit dde623f6e5
2 changed files with 29 additions and 23 deletions

View File

@ -30,6 +30,8 @@ from tripleo_common.inventory import TripleoInventory
def write_default_ansible_cfg(work_dir, def write_default_ansible_cfg(work_dir,
remote_user,
ssh_private_key,
base_ansible_cfg='/etc/ansible/ansible.cfg'): base_ansible_cfg='/etc/ansible/ansible.cfg'):
ansible_config_path = os.path.join(work_dir, 'ansible.cfg') ansible_config_path = os.path.join(work_dir, 'ansible.cfg')
shutil.copy(base_ansible_cfg, ansible_config_path) shutil.copy(base_ansible_cfg, ansible_config_path)
@ -45,6 +47,13 @@ def write_default_ansible_cfg(work_dir,
config.set('ssh_connection', 'ssh_args', config.set('ssh_connection', 'ssh_args',
'-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no') '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no')
# Set connection info in config file so that subsequent/nested ansible
# calls can re-use it
if remote_user:
config.set('defaults', 'remote_user', remote_user)
if ssh_private_key:
config.set('defaults', 'private_key_file', ssh_private_key)
with open(ansible_config_path, 'w') as configfile: with open(ansible_config_path, 'w') as configfile:
config.write(configfile) config.write(configfile)
@ -162,9 +171,6 @@ class AnsibleAction(actions.Action):
if self.limit_hosts: if self.limit_hosts:
command.extend(['--limit', self.limit_hosts]) command.extend(['--limit', self.limit_hosts])
if self.remote_user:
command.extend(['--user', self.remote_user])
if self.become: if self.become:
command.extend(['--become']) command.extend(['--become'])
@ -189,9 +195,6 @@ class AnsibleAction(actions.Action):
if self.inventory: if self.inventory:
command.extend(['--inventory-file', self.inventory]) command.extend(['--inventory-file', self.inventory])
if self.ssh_private_key:
command.extend(['--private-key', self.ssh_private_key])
if self.extra_env_variables: if self.extra_env_variables:
if not isinstance(self.extra_env_variables, dict): if not isinstance(self.extra_env_variables, dict):
msg = "extra_env_variables must be a dict" msg = "extra_env_variables must be a dict"
@ -201,7 +204,10 @@ class AnsibleAction(actions.Action):
command.extend(['--gather-facts', self.gather_facts]) command.extend(['--gather-facts', self.gather_facts])
try: try:
ansible_config_path = write_default_ansible_cfg(self.work_dir) ansible_config_path = write_default_ansible_cfg(
self.work_dir,
self.remote_user,
self.ssh_private_key)
env_variables = { env_variables = {
'HOME': self.work_dir, 'HOME': self.work_dir,
'ANSIBLE_CONFIG': ansible_config_path 'ANSIBLE_CONFIG': ansible_config_path
@ -394,9 +400,6 @@ class AnsiblePlaybookAction(base.TripleOAction):
if self.module_path: if self.module_path:
command.extend(['--module-path', self.module_path]) command.extend(['--module-path', self.module_path])
if self.remote_user:
command.extend(['--user', self.remote_user])
if self.become: if self.become:
command.extend(['--become']) command.extend(['--become'])
@ -424,9 +427,6 @@ class AnsiblePlaybookAction(base.TripleOAction):
if self.inventory: if self.inventory:
command.extend(['--inventory-file', self.inventory]) command.extend(['--inventory-file', self.inventory])
if self.ssh_private_key:
command.extend(['--private-key', self.ssh_private_key])
if self.tags: if self.tags:
command.extend(['--tags', self.tags]) command.extend(['--tags', self.tags])
@ -442,7 +442,10 @@ class AnsiblePlaybookAction(base.TripleOAction):
command.extend(['--gather-facts', self.gather_facts]) command.extend(['--gather-facts', self.gather_facts])
try: try:
ansible_config_path = write_default_ansible_cfg(self.work_dir) ansible_config_path = write_default_ansible_cfg(
self.work_dir,
self.remote_user,
self.ssh_private_key)
env_variables = { env_variables = {
'HOME': self.work_dir, 'HOME': self.work_dir,
'ANSIBLE_CONFIG': ansible_config_path 'ANSIBLE_CONFIG': ansible_config_path

View File

@ -58,12 +58,13 @@ class AnsibleActionTest(base.TestCase):
'ANSIBLE_CONFIG': ansible_config_path 'ANSIBLE_CONFIG': ansible_config_path
} }
mock_write_cfg.assert_called_once_with(action.work_dir,
self.remote_user, None)
mock_execute.assert_called_once_with( mock_execute.assert_called_once_with(
'ansible', self.hosts, '-vvvvv', '--module-name', 'ansible', self.hosts, '-vvvvv', '--module-name', self.module,
self.module, '--user', self.remote_user, '--become', '--become', '--become-user', self.become_user, env_variables=env,
'--become-user', self.become_user, cwd=action.work_dir, log_errors=processutils.LogErrors.ALL
env_variables=env, cwd=action.work_dir,
log_errors=processutils.LogErrors.ALL
) )
@ -98,6 +99,9 @@ class AnsiblePlaybookActionTest(base.TestCase):
action.run(self.ctx) action.run(self.ctx)
mock_write_cfg.assert_called_once_with(action.work_dir,
self.remote_user, None)
pb = os.path.join(action.work_dir, 'playbook.yaml') pb = os.path.join(action.work_dir, 'playbook.yaml')
env = { env = {
'HOME': action.work_dir, 'HOME': action.work_dir,
@ -105,9 +109,8 @@ class AnsiblePlaybookActionTest(base.TestCase):
} }
mock_execute.assert_called_once_with( mock_execute.assert_called_once_with(
'ansible-playbook', '-v', pb, '--user', 'ansible-playbook', '-v', pb, '--become', '--become-user',
self.remote_user, '--become', '--become-user', self.become_user, self.become_user, '--extra-vars', json.dumps(self.extra_vars),
'--extra-vars', json.dumps(self.extra_vars),
env_variables=env, cwd=action.work_dir, env_variables=env, cwd=action.work_dir,
log_errors=processutils.LogErrors.ALL) log_errors=processutils.LogErrors.ALL)
@ -180,7 +183,7 @@ class CopyConfigFileTest(base.TestCase):
ansible_cfg_file.flush() ansible_cfg_file.flush()
resulting_ansible_config = ansible.write_default_ansible_cfg( resulting_ansible_config = ansible.write_default_ansible_cfg(
work_dir, base_ansible_cfg=ansible_cfg_path) work_dir, None, None, base_ansible_cfg=ansible_cfg_path)
self.assertEqual(resulting_ansible_config, self.assertEqual(resulting_ansible_config,
os.path.join(work_dir, 'ansible.cfg')) os.path.join(work_dir, 'ansible.cfg'))