ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-07-27 07:01:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Add an "accept_hostkey" parameter to the git module to help automatically

Browse source 
accept hostkeys for git repos and prevent task hangs when the key is unknown
This commit is contained in:
James Tanner 2014-01-11 10:35:33 -05:00
commit 8665b0638a
2 changed files with 72 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

58
lib/ansible/module_utils/known_hosts.py Normal file
View file

@ -0,0 +1,58 @@
def add_git_host_key(module, url, accept_hostkey=True):
""" idempotently add a git url hostkey """
if accept_hostkey:
fqdn = get_fqdn(module.params['repo'])
if fqdn:
known_host = check_hostkey(module, fqdn)
if not known_host:
rc, out, err = add_host_key(module, fqdn)
if rc != 0:
module.fail_json(msg="failed to add %s hostkey: %s" % (fqdn, out + err))
def get_fqdn(repo_url):
""" chop the hostname out of a giturl """
result = None
if "@" in repo_url:
repo_url = repo_url.split("@", 1)[1]
if ":" in repo_url:
repo_url = repo_url.split(":")[0]
result = repo_url
elif "/" in repo_url:
repo_url = repo_url.split("/")[0]
result = repo_url
return result
def check_hostkey(module, fqdn):
""" use ssh-keygen to check if key is known """
result = False
keygen_cmd = module.get_bin_path('ssh-keygen', True)
this_cmd = keygen_cmd + " -H -F " + fqdn
rc, out, err = module.run_command(this_cmd)
if rc == 0:
if out != "":
result = True
return result
def add_host_key(module, fqdn, key_type="rsa"):
""" use ssh-keyscan to add the hostkey """
result = False
keyscan_cmd = module.get_bin_path('ssh-keyscan', True)
this_cmd = "%s -t %s %s >> ~/.ssh/known_hosts" % (keyscan_cmd, key_type, fqdn)
rc, out, err = module.run_command(this_cmd)
return rc, out, err

14
library/source_control/git
View file

@ -43,6 +43,12 @@ options:
- What version of the repository to check out. This can be the - What version of the repository to check out. This can be the
full 40-character I(SHA-1) hash, the literal string C(HEAD), a full 40-character I(SHA-1) hash, the literal string C(HEAD), a
branch name, or a tag name. branch name, or a tag name.
accept_hostkey:
required: false
default: true
version_added: "1.5"
description:
- Add the hostkey for the repo url if not already added.
reference: reference:
required: false required: false
default: null default: null
@ -118,6 +124,7 @@ EXAMPLES = '''
import re import re
import tempfile import tempfile
def get_version(git_path, dest, ref="HEAD"): def get_version(git_path, dest, ref="HEAD"):
''' samples the version of the git repo ''' ''' samples the version of the git repo '''
os.chdir(dest) os.chdir(dest)
@ -352,6 +359,7 @@ def main():
force=dict(default='yes', type='bool'), force=dict(default='yes', type='bool'),
depth=dict(default=None, type='int'), depth=dict(default=None, type='int'),
update=dict(default='yes', type='bool'), update=dict(default='yes', type='bool'),
accept_hostkey=dict(default='yes', type='bool'),
executable=dict(default=None), executable=dict(default=None),
bare=dict(default='no', type='bool'), bare=dict(default='no', type='bool'),
), ),
@ -369,6 +377,10 @@ def main():
reference = module.params['reference'] reference = module.params['reference']
git_path = module.params['executable'] or module.get_bin_path('git', True) git_path = module.params['executable'] or module.get_bin_path('git', True)
# add the git repo's hostkey
if module.params['accept_hostkey']:
add_git_host_key(module, repo, accept_hostkey=True)
if bare: if bare:
gitconfig = os.path.join(dest, 'config') gitconfig = os.path.join(dest, 'config')
else: else:
@ -430,4 +442,6 @@ def main():
# import module snippets # import module snippets
from ansible.module_utils.basic import * from ansible.module_utils.basic import *
from ansible.module_utils.known_hosts import *
main() main()