diff --git a/source_control/git b/source_control/git index 41cf53133d5..86ae1043de7 100644 --- a/source_control/git +++ b/source_control/git @@ -49,6 +49,21 @@ options: version_added: "1.5" description: - Add the hostkey for the repo url if not already added. + sshopts: + required: false + default: None + version_added: "1.5" + description: + - Creates a wrapper script and exports the path as GIT_SSH + which git then automatically uses to override ssh arguments. + An example value could be "-o StrictHostKeyChecking=no" + keyfile: + requird: false + default: None + version_added: "1.5" + description: + - Uses the same wrapper method as sshopts to pass + "-i " to the ssh arguments used by git reference: required: false default: null @@ -124,6 +139,45 @@ EXAMPLES = ''' import re import tempfile +def write_ssh_wrapper(): + fh = tempfile.NamedTemporaryFile(delete=False) + wrapper_path = fh.name + template = """#!/bin/sh +if [ -z "$GIT_SSH_OPTS" ]; then + BASEOPTS="" +else + BASEOPTS=$GIT_SSH_OPTS +fi + +if [ -z "$GIT_KEY" ]; then + ssh $BASEOPTS "$@" +else + ssh -i "$GIT_KEY" $BASEOPTS "$@" +fi +""" + fh.write(template) + fh.close() + st = os.stat(wrapper_path) + os.chmod(wrapper_path, st.st_mode | stat.S_IEXEC) + return wrapper_path + +def set_git_ssh(ssh_wrapper, key_file, ssh_opts): + + if os.environ.get("GIT_SSH"): + del os.environ["GIT_SSH"] + os.environ["GIT_SSH"] = ssh_wrapper + + if os.environ.get("GIT_KEY"): + del os.environ["GIT_KEY"] + + if key_file: + os.environ["GIT_KEY"] = key_file + + if os.environ.get("GIT_SSH_OPTS"): + del os.environ["GIT_SSH_OPTS"] + + if ssh_opts: + os.environ["GIT_SSH_OPTS"] = ssh_opts def get_version(git_path, dest, ref="HEAD"): ''' samples the version of the git repo ''' @@ -199,7 +253,7 @@ def get_remote_head(git_path, module, dest, version, remote, bare): # appears to be a sha1. return as-is since it appears # cannot check for a specific sha1 on remote return version - (rc, out, err) = module.run_command(cmd, check_rc=True) + (rc, out, err) = module.run_command(cmd, check_rc=True ) if len(out) < 1: module.fail_json(msg="Could not determine remote revision for %s" % version) rev = out.split()[0] @@ -360,6 +414,8 @@ def main(): depth=dict(default=None, type='int'), update=dict(default='yes', type='bool'), accept_hostkey=dict(default='no', type='bool'), + keyfile=dict(default=None, required=False), + sshopts=dict(default=None, required=False), executable=dict(default=None), bare=dict(default='no', type='bool'), ), @@ -376,6 +432,17 @@ def main(): bare = module.params['bare'] reference = module.params['reference'] git_path = module.params['executable'] or module.get_bin_path('git', True) + + key_file = module.params['keyfile'] + ssh_opts = module.params['sshopts'] + + # create a wrapper script and export + # GIT_SSH= as an environment variable + # for git to use the wrapper script + ssh_wrapper = None + if key_file or ssh_opts: + ssh_wrapper = write_ssh_wrapper() + set_git_ssh(ssh_wrapper, key_file, ssh_opts) # add the git repo's hostkey #if module.params['accept_hostkey']: @@ -438,6 +505,10 @@ def main(): if before != after or local_mods: changed = True + # cleanup the wrapper script + if ssh_wrapper: + os.remove(ssh_wrapper) + module.exit_json(changed=changed, before=before, after=after) # import module snippets