executor: do not blacklist host-vars for trusted context
This change lifts the host-vars blacklist for trusted context. Change-Id: I59c2829adf2a641dc6761aed930ab28471432a9a
This commit is contained in:
parent
d8fab33b58
commit
3acc00a30e
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
security:
|
||||
- |
|
||||
The add_host host-vars blacklist is no longer effective for trusted
|
||||
playbook.
|
|
@ -2450,7 +2450,8 @@ class AnsibleJob(object):
|
|||
if self.executor_variables_file is not None:
|
||||
cmd.extend(['-e@%s' % self.executor_variables_file])
|
||||
|
||||
cmd.extend(['-e', '@' + self.jobdir.ansible_vars_blacklist])
|
||||
if not playbook.trusted:
|
||||
cmd.extend(['-e', '@' + self.jobdir.ansible_vars_blacklist])
|
||||
|
||||
self.emitPlaybookBanner(playbook, 'START', phase)
|
||||
|
||||
|
|
Loading…
Reference in New Issue