Fixes #6820 fix erroneous missing vault password error when using the template module

pull/6870/head
James Tanner 11 years ago
parent 466ab0a9d6
commit 5a65dc3b6a

@ -83,15 +83,16 @@ def _executor_hook(job_queue, result_queue, new_stdin):
class HostVars(dict): class HostVars(dict):
''' A special view of vars_cache that adds values from the inventory when needed. ''' ''' A special view of vars_cache that adds values from the inventory when needed. '''
def __init__(self, vars_cache, inventory): def __init__(self, vars_cache, inventory, vault_password=None):
self.vars_cache = vars_cache self.vars_cache = vars_cache
self.inventory = inventory self.inventory = inventory
self.lookup = dict() self.lookup = dict()
self.update(vars_cache) self.update(vars_cache)
self.vault_password = vault_password
def __getitem__(self, host): def __getitem__(self, host):
if host not in self.lookup: if host not in self.lookup:
result = self.inventory.get_variables(host) result = self.inventory.get_variables(host, vault_password=self.vault_password)
result.update(self.vars_cache.get(host, {})) result.update(self.vars_cache.get(host, {}))
self.lookup[host] = result self.lookup[host] = result
return self.lookup[host] return self.lookup[host]
@ -563,7 +564,7 @@ class Runner(object):
inject = utils.combine_vars(inject, module_vars) inject = utils.combine_vars(inject, module_vars)
inject = utils.combine_vars(inject, combined_cache.get(host, {})) inject = utils.combine_vars(inject, combined_cache.get(host, {}))
inject.setdefault('ansible_ssh_user', self.remote_user) inject.setdefault('ansible_ssh_user', self.remote_user)
inject['hostvars'] = HostVars(combined_cache, self.inventory) inject['hostvars'] = HostVars(combined_cache, self.inventory, vault_password=self.vault_pass)
inject['group_names'] = host_variables.get('group_names', []) inject['group_names'] = host_variables.get('group_names', [])
inject['groups'] = self.inventory.groups_list() inject['groups'] = self.inventory.groups_list()
inject['vars'] = self.module_vars inject['vars'] = self.module_vars

@ -85,7 +85,7 @@ class ActionModule(object):
# template the source data locally & get ready to transfer # template the source data locally & get ready to transfer
try: try:
resultant = template.template_from_file(self.runner.basedir, source, inject) resultant = template.template_from_file(self.runner.basedir, source, inject, vault_password=self.runner.vault_pass)
except Exception, e: except Exception, e:
result = dict(failed=True, msg=str(e)) result = dict(failed=True, msg=str(e))
return ReturnData(conn=conn, comm_ok=False, result=result) return ReturnData(conn=conn, comm_ok=False, result=result)

@ -199,7 +199,7 @@ class J2Template(jinja2.environment.Template):
def new_context(self, vars=None, shared=False, locals=None): def new_context(self, vars=None, shared=False, locals=None):
return jinja2.runtime.Context(self.environment, vars.add_locals(locals), self.name, self.blocks) return jinja2.runtime.Context(self.environment, vars.add_locals(locals), self.name, self.blocks)
def template_from_file(basedir, path, vars): def template_from_file(basedir, path, vars, vault_password=None):
''' run a file through the templating engine ''' ''' run a file through the templating engine '''
fail_on_undefined = C.DEFAULT_UNDEFINED_VAR_BEHAVIOR fail_on_undefined = C.DEFAULT_UNDEFINED_VAR_BEHAVIOR

@ -451,7 +451,6 @@ class VaultAES256(object):
derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength,
count=10000, prf=pbkdf2_prf) count=10000, prf=pbkdf2_prf)
#import epdb; epdb.st()
key1 = derivedkey[:keylength] key1 = derivedkey[:keylength]
key2 = derivedkey[keylength:(keylength * 2)] key2 = derivedkey[keylength:(keylength * 2)]
iv = derivedkey[(keylength * 2):(keylength * 2) + ivlength] iv = derivedkey[(keylength * 2):(keylength * 2) + ivlength]

Loading…
Cancel
Save