ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-07-26 22:51:23 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

fix authorized_keys in check_mode

Browse source 
This change is in response to issue #1515.
Original pull request #1580.

The original problem is: in authorized_key module you have no idea about users
which will be created by Ansible at first run. I can propose next two ways to
solve this problem:

  1. Combine modules system/user.py and system/authorized_key.py in one module
     (so you will know everything about users in that module)
  2. Use small workaround: add my commit and always provide 'path' parameter
     for authorized_key module during runs with --check option.
This commit is contained in:
verm666 2015-07-01 07:04:45 -07:00 committed by Matt Clay
commit ac40d9f41a
1 changed files with 13 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

19
lib/ansible/modules/system/authorized_key.py
View file

@ -139,7 +139,7 @@ import shlex
class keydict(dict): class keydict(dict):
""" a dictionary that maintains the order of keys as they are added """ """ a dictionary that maintains the order of keys as they are added """
# http://stackoverflow.com/questions/2328235/pythonextend-the-dict-class # http://stackoverflow.com/questions/2328235/pythonextend-the-dict-class
def __init__(self, *args, **kw): def __init__(self, *args, **kw):
@ -147,7 +147,7 @@ class keydict(dict):
self.itemlist = super(keydict,self).keys() self.itemlist = super(keydict,self).keys()
def __setitem__(self, key, value): def __setitem__(self, key, value):
self.itemlist.append(key) self.itemlist.append(key)
super(keydict,self).__setitem__(key, value) super(keydict,self).__setitem__(key, value)
def __iter__(self): def __iter__(self):
return iter(self.itemlist) return iter(self.itemlist)
def keys(self): def keys(self):
@ -155,7 +155,7 @@ class keydict(dict):
def values(self): def values(self):
return [self[key] for key in self] return [self[key] for key in self]
def itervalues(self): def itervalues(self):
return (self[key] for key in self) return (self[key] for key in self)
def keyfile(module, user, write=False, path=None, manage_dir=True): def keyfile(module, user, write=False, path=None, manage_dir=True):
""" """
@ -169,6 +169,13 @@ def keyfile(module, user, write=False, path=None, manage_dir=True):
:return: full path string to authorized_keys for user :return: full path string to authorized_keys for user
""" """
if module.check_mode:
if path is None:
module.fail_json(msg="You must provide full path to key file in check mode")
else:
keysfile = path
return keysfile
try: try:
user_entry = pwd.getpwnam(user) user_entry = pwd.getpwnam(user)
except KeyError, e: except KeyError, e:
@ -215,8 +222,8 @@ def keyfile(module, user, write=False, path=None, manage_dir=True):
return keysfile return keysfile
def parseoptions(module, options): def parseoptions(module, options):
''' '''
reads a string containing ssh-key options reads a string containing ssh-key options
and returns a dictionary of those options and returns a dictionary of those options
''' '''
options_dict = keydict() #ordered dict options_dict = keydict() #ordered dict
@ -247,7 +254,7 @@ def parsekey(module, raw_key):
'ssh-ed25519', 'ssh-ed25519',
'ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp256',
'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp384',
'ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521',
'ssh-dss', 'ssh-dss',
'ssh-rsa', 'ssh-rsa',
] ]