Make privilege escalation password configurable
Add parameter `become_password` into node list discovery and Ansible executor. Change-Id: Ifa3dc7c84a08171792bb4a18794cf37c2c658d8d
This commit is contained in:
parent
8bdb893209
commit
da22323dfd
|
@ -125,7 +125,7 @@ Options = collections.namedtuple(
|
|||
class AnsibleRunner(object):
|
||||
def __init__(self, remote_user='root', password=None, forks=100,
|
||||
jump_host=None, jump_user=None, private_key_file=None,
|
||||
become=None, serial=None):
|
||||
become=None, become_password=None, serial=None):
|
||||
super(AnsibleRunner, self).__init__()
|
||||
|
||||
ssh_common_args = SSH_COMMON_ARGS
|
||||
|
@ -135,7 +135,7 @@ class AnsibleRunner(object):
|
|||
jump_user=jump_user or remote_user,
|
||||
private_key_file=private_key_file)
|
||||
|
||||
self.passwords = dict(conn_pass=password, become_pass=password)
|
||||
self.passwords = dict(conn_pass=password, become_pass=become_password)
|
||||
self.options = Options(
|
||||
connection='smart',
|
||||
module_path=os.pathsep.join(get_module_paths()),
|
||||
|
@ -275,7 +275,8 @@ class AnsibleRunner(object):
|
|||
return {
|
||||
'ansible_user': host.auth.get('username'),
|
||||
'ansible_ssh_pass': host.auth.get('password'),
|
||||
'ansible_become': host.auth.get('sudo'),
|
||||
'ansible_become': host.auth.get('become') or host.auth.get('sudo'),
|
||||
'ansible_become_password': host.auth.get('become_password'),
|
||||
'ansible_ssh_private_key_file': host.auth.get('private_key_file'),
|
||||
'ansible_ssh_common_args': ssh_common_args,
|
||||
}
|
||||
|
|
|
@ -24,6 +24,8 @@ AUTH_SCHEMA = {
|
|||
'password': {'type': 'string'},
|
||||
'sudo': {'type': 'boolean'},
|
||||
'private_key_file': {'type': 'string'},
|
||||
'become': {'type': 'boolean'},
|
||||
'become_password': {'type': 'string'},
|
||||
'jump': {
|
||||
'type': 'object',
|
||||
'properties': {
|
||||
|
@ -69,6 +71,8 @@ class NodeListDiscover(node_discover.NodeDiscover):
|
|||
- ip: 10.0.0.53
|
||||
mac: aa:bb:cc:dd:ee:03
|
||||
fqdn: node3.local
|
||||
become: true
|
||||
become_password: my_secret_password
|
||||
|
||||
node parameters:
|
||||
|
||||
|
@ -81,6 +85,8 @@ class NodeListDiscover(node_discover.NodeDiscover):
|
|||
- **username** - SSH username (optional)
|
||||
- **password** - SSH password (optional)
|
||||
- **private_key_file** - SSH key file (optional)
|
||||
- **become** - True if privilege escalation is used (optional)
|
||||
- **become_password** - privilege escalation password (optional)
|
||||
- **jump** - SSH proxy parameters (optional):
|
||||
- **host** - SSH proxy host
|
||||
- **username** - SSH proxy user
|
||||
|
|
|
@ -133,7 +133,16 @@ class AnsibleRunnerTestCase(test.TestCase):
|
|||
remote_user='root', scp_extra_args=None, sftp_extra_args=None,
|
||||
ssh_common_args=executor.SSH_COMMON_ARGS,
|
||||
ssh_extra_args=None, verbosity=100),
|
||||
dict(conn_pass='foobar', become_pass='foobar'),
|
||||
dict(conn_pass='foobar', become_pass=None),
|
||||
), (
|
||||
dict(remote_user='root', password='foobar', become_password='secret'),
|
||||
dict(become=None, become_method='sudo', become_user='root',
|
||||
check=False, connection='smart', forks=100,
|
||||
private_key_file=None,
|
||||
remote_user='root', scp_extra_args=None, sftp_extra_args=None,
|
||||
ssh_common_args=executor.SSH_COMMON_ARGS,
|
||||
ssh_extra_args=None, verbosity=100),
|
||||
dict(conn_pass='foobar', become_pass='secret'),
|
||||
), (
|
||||
dict(remote_user='root', jump_host='jhost.com',
|
||||
private_key_file='/path/my.key'),
|
||||
|
@ -279,6 +288,7 @@ class AnsibleRunnerTestCase(test.TestCase):
|
|||
'ansible_user': 'foo',
|
||||
'ansible_ssh_pass': 'bar',
|
||||
'ansible_become': True,
|
||||
'ansible_become_password': None,
|
||||
'ansible_ssh_private_key_file': None,
|
||||
'ansible_ssh_common_args': None,
|
||||
},
|
||||
|
@ -286,6 +296,7 @@ class AnsibleRunnerTestCase(test.TestCase):
|
|||
'ansible_user': None,
|
||||
'ansible_ssh_pass': None,
|
||||
'ansible_become': None,
|
||||
'ansible_become_password': None,
|
||||
'ansible_ssh_private_key_file': None,
|
||||
'ansible_ssh_common_args':
|
||||
'-o UserKnownHostsFile=/dev/null '
|
||||
|
|
Loading…
Reference in New Issue