mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-25 22:30:22 -07:00
Add an "accept_hostkey" parameter to the git module to help automatically
accept hostkeys for git repos and prevent task hangs when the key is unknown
This commit is contained in:
parent
b0940f0c68
commit
8665b0638a
2 changed files with 72 additions and 0 deletions
58
lib/ansible/module_utils/known_hosts.py
Normal file
58
lib/ansible/module_utils/known_hosts.py
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
def add_git_host_key(module, url, accept_hostkey=True):
|
||||||
|
|
||||||
|
""" idempotently add a git url hostkey """
|
||||||
|
|
||||||
|
if accept_hostkey:
|
||||||
|
|
||||||
|
fqdn = get_fqdn(module.params['repo'])
|
||||||
|
|
||||||
|
if fqdn:
|
||||||
|
known_host = check_hostkey(module, fqdn)
|
||||||
|
if not known_host:
|
||||||
|
rc, out, err = add_host_key(module, fqdn)
|
||||||
|
if rc != 0:
|
||||||
|
module.fail_json(msg="failed to add %s hostkey: %s" % (fqdn, out + err))
|
||||||
|
|
||||||
|
def get_fqdn(repo_url):
|
||||||
|
|
||||||
|
""" chop the hostname out of a giturl """
|
||||||
|
|
||||||
|
result = None
|
||||||
|
if "@" in repo_url:
|
||||||
|
repo_url = repo_url.split("@", 1)[1]
|
||||||
|
if ":" in repo_url:
|
||||||
|
repo_url = repo_url.split(":")[0]
|
||||||
|
result = repo_url
|
||||||
|
elif "/" in repo_url:
|
||||||
|
repo_url = repo_url.split("/")[0]
|
||||||
|
result = repo_url
|
||||||
|
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
def check_hostkey(module, fqdn):
|
||||||
|
|
||||||
|
""" use ssh-keygen to check if key is known """
|
||||||
|
|
||||||
|
result = False
|
||||||
|
keygen_cmd = module.get_bin_path('ssh-keygen', True)
|
||||||
|
this_cmd = keygen_cmd + " -H -F " + fqdn
|
||||||
|
rc, out, err = module.run_command(this_cmd)
|
||||||
|
|
||||||
|
if rc == 0:
|
||||||
|
if out != "":
|
||||||
|
result = True
|
||||||
|
|
||||||
|
return result
|
||||||
|
|
||||||
|
def add_host_key(module, fqdn, key_type="rsa"):
|
||||||
|
|
||||||
|
""" use ssh-keyscan to add the hostkey """
|
||||||
|
|
||||||
|
result = False
|
||||||
|
keyscan_cmd = module.get_bin_path('ssh-keyscan', True)
|
||||||
|
this_cmd = "%s -t %s %s >> ~/.ssh/known_hosts" % (keyscan_cmd, key_type, fqdn)
|
||||||
|
rc, out, err = module.run_command(this_cmd)
|
||||||
|
|
||||||
|
return rc, out, err
|
||||||
|
|
|
@ -43,6 +43,12 @@ options:
|
||||||
- What version of the repository to check out. This can be the
|
- What version of the repository to check out. This can be the
|
||||||
full 40-character I(SHA-1) hash, the literal string C(HEAD), a
|
full 40-character I(SHA-1) hash, the literal string C(HEAD), a
|
||||||
branch name, or a tag name.
|
branch name, or a tag name.
|
||||||
|
accept_hostkey:
|
||||||
|
required: false
|
||||||
|
default: true
|
||||||
|
version_added: "1.5"
|
||||||
|
description:
|
||||||
|
- Add the hostkey for the repo url if not already added.
|
||||||
reference:
|
reference:
|
||||||
required: false
|
required: false
|
||||||
default: null
|
default: null
|
||||||
|
@ -118,6 +124,7 @@ EXAMPLES = '''
|
||||||
import re
|
import re
|
||||||
import tempfile
|
import tempfile
|
||||||
|
|
||||||
|
|
||||||
def get_version(git_path, dest, ref="HEAD"):
|
def get_version(git_path, dest, ref="HEAD"):
|
||||||
''' samples the version of the git repo '''
|
''' samples the version of the git repo '''
|
||||||
os.chdir(dest)
|
os.chdir(dest)
|
||||||
|
@ -352,6 +359,7 @@ def main():
|
||||||
force=dict(default='yes', type='bool'),
|
force=dict(default='yes', type='bool'),
|
||||||
depth=dict(default=None, type='int'),
|
depth=dict(default=None, type='int'),
|
||||||
update=dict(default='yes', type='bool'),
|
update=dict(default='yes', type='bool'),
|
||||||
|
accept_hostkey=dict(default='yes', type='bool'),
|
||||||
executable=dict(default=None),
|
executable=dict(default=None),
|
||||||
bare=dict(default='no', type='bool'),
|
bare=dict(default='no', type='bool'),
|
||||||
),
|
),
|
||||||
|
@ -369,6 +377,10 @@ def main():
|
||||||
reference = module.params['reference']
|
reference = module.params['reference']
|
||||||
git_path = module.params['executable'] or module.get_bin_path('git', True)
|
git_path = module.params['executable'] or module.get_bin_path('git', True)
|
||||||
|
|
||||||
|
# add the git repo's hostkey
|
||||||
|
if module.params['accept_hostkey']:
|
||||||
|
add_git_host_key(module, repo, accept_hostkey=True)
|
||||||
|
|
||||||
if bare:
|
if bare:
|
||||||
gitconfig = os.path.join(dest, 'config')
|
gitconfig = os.path.join(dest, 'config')
|
||||||
else:
|
else:
|
||||||
|
@ -430,4 +442,6 @@ def main():
|
||||||
|
|
||||||
# import module snippets
|
# import module snippets
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.known_hosts import *
|
||||||
|
|
||||||
main()
|
main()
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue