diff --git a/lib/ansible/module_utils/ios.py b/lib/ansible/module_utils/ios.py index acb2b352a5c..7c97f4c2552 100644 --- a/lib/ansible/module_utils/ios.py +++ b/lib/ansible/module_utils/ios.py @@ -19,8 +19,8 @@ import re -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.shell import Shell, Command, HAS_PARAMIKO +from ansible.module_utils.basic import AnsibleModule, env_fallback +from ansible.module_utils.shell import Shell, ShellError, Command, HAS_PARAMIKO from ansible.module_utils.netcfg import parse NET_PASSWD_RE = re.compile(r"[\r\n]?password: $", re.I) @@ -28,10 +28,11 @@ NET_PASSWD_RE = re.compile(r"[\r\n]?password: $", re.I) NET_COMMON_ARGS = dict( host=dict(required=True), port=dict(default=22, type='int'), - username=dict(required=True), - password=dict(no_log=True), - authorize=dict(default=False, type='bool'), - auth_pass=dict(no_log=True), + username=dict(fallback=(env_fallback, ['ANSIBLE_NET_USERNAME'])), + password=dict(no_log=True, fallback=(env_fallback, ['ANSIBLE_NET_PASSWORD'])), + ssh_keyfile=dict(fallback=(env_fallback, ['ANSIBLE_NET_SSH_KEYFILE']), type='path'), + authorize=dict(default=False, fallback=(env_fallback, ['ANSIBLE_NET_AUTHORIZE']), type='bool'), + auth_pass=dict(no_log=True, fallback=(env_fallback, ['ANSIBLE_NET_AUTH_PASS'])), provider=dict() ) @@ -72,12 +73,12 @@ class Cli(object): username = self.module.params['username'] password = self.module.params['password'] + key_filename = self.module.params['ssh_keyfile'] try: self.shell = Shell(kickstart=False, prompts_re=CLI_PROMPTS_RE, errors_re=CLI_ERRORS_RE) - self.shell.open(host, port=port, username=username, - password=password) + self.shell.open(host, port=port, username=username, password=password, key_filename=key_filename) except Exception, exc: msg = 'failed to connect to %s:%s - %s' % (host, port, str(exc)) self.module.fail_json(msg=msg) diff --git a/lib/ansible/module_utils/iosxr.py b/lib/ansible/module_utils/iosxr.py index 94b16040354..7d01b36dbac 100644 --- a/lib/ansible/module_utils/iosxr.py +++ b/lib/ansible/module_utils/iosxr.py @@ -19,7 +19,7 @@ import re -from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.basic import AnsibleModule, env_fallback from ansible.module_utils.shell import Shell, HAS_PARAMIKO from ansible.module_utils.netcfg import parse @@ -28,8 +28,9 @@ NET_PASSWD_RE = re.compile(r"[\r\n]?password: $", re.I) NET_COMMON_ARGS = dict( host=dict(required=True), port=dict(default=22, type='int'), - username=dict(required=True), - password=dict(no_log=True), + username=dict(fallback=(env_fallback, ['ANSIBLE_NET_USERNAME'])), + password=dict(no_log=True, fallback=(env_fallback, ['ANSIBLE_NET_PASSWORD'])), + ssh_keyfile=dict(fallback=(env_fallback, ['ANSIBLE_NET_SSH_KEYFILE']), type='path'), provider=dict() ) @@ -68,11 +69,11 @@ class Cli(object): username = self.module.params['username'] password = self.module.params['password'] + key_filename = self.module.params['ssh_keyfile'] try: - self.shell = Shell(kickstart=False, prompts_re=CLI_PROMPTS_RE, - errors_re=CLI_ERRORS_RE) - self.shell.open(host, port=port, username=username, password=password) + self.shell = Shell(kickstart=False, prompts_re=CLI_PROMPTS_RE, errors_re=CLI_ERRORS_RE) + self.shell.open(host, port=port, username=username, password=password, key_filename=key_filename) except Exception, exc: msg = 'failed to connecto to %s:%s - %s' % (host, port, str(exc)) self.module.fail_json(msg=msg) diff --git a/lib/ansible/module_utils/junos.py b/lib/ansible/module_utils/junos.py index 735f9a22dd3..27243904e2f 100644 --- a/lib/ansible/module_utils/junos.py +++ b/lib/ansible/module_utils/junos.py @@ -17,15 +17,16 @@ # along with Ansible. If not, see . # -from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.basic import AnsibleModule, env_fallback from ansible.module_utils.shell import Shell, HAS_PARAMIKO from ansible.module_utils.netcfg import parse NET_COMMON_ARGS = dict( host=dict(required=True), port=dict(default=22, type='int'), - username=dict(required=True), - password=dict(no_log=True), + username=dict(fallback=(env_fallback, ['ANSIBLE_NET_USERNAME'])), + password=dict(no_log=True, fallback=(env_fallback, ['ANSIBLE_NET_PASSWORD'])), + ssh_keyfile=dict(fallback=(env_fallback, ['ANSIBLE_NET_SSH_KEYFILE']), type='path'), provider=dict() ) @@ -49,11 +50,12 @@ class Cli(object): username = self.module.params['username'] password = self.module.params['password'] + key_filename = self.module.params['ssh_keyfile'] self.shell = Shell() try: - self.shell.open(host, port=port, username=username, password=password) + self.shell.open(host, port=port, username=username, password=password, key_filename=key_filename) except Exception, exc: msg = 'failed to connecto to %s:%s - %s' % (host, port, str(exc)) self.module.fail_json(msg=msg) diff --git a/lib/ansible/module_utils/openswitch.py b/lib/ansible/module_utils/openswitch.py index fc9f8e988fe..2e30028af68 100644 --- a/lib/ansible/module_utils/openswitch.py +++ b/lib/ansible/module_utils/openswitch.py @@ -29,7 +29,7 @@ try: except ImportError: HAS_OPS = False -from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.basic import AnsibleModule, env_fallback from ansible.module_utils.urls import fetch_url from ansible.module_utils.shell import Shell, HAS_PARAMIKO from ansible.module_utils.netcfg import parse @@ -39,8 +39,9 @@ NET_PASSWD_RE = re.compile(r"[\r\n]?password: $", re.I) NET_COMMON_ARGS = dict( host=dict(), port=dict(type='int'), - username=dict(), - password=dict(no_log=True), + username=dict(fallback=(env_fallback, ['ANSIBLE_NET_USERNAME'])), + password=dict(no_log=True, fallback=(env_fallback, ['ANSIBLE_NET_PASSWORD'])), + ssh_keyfile=dict(fallback=(env_fallback, ['ANSIBLE_NET_SSH_KEYFILE']), type='path'), use_ssl=dict(default=True, type='bool'), transport=dict(default='ssh', choices=['ssh', 'cli', 'rest']), provider=dict() @@ -154,9 +155,10 @@ class Cli(object): username = self.module.params['username'] password = self.module.params['password'] + key_filename = self.module.params['ssh_keyfile'] self.shell = Shell() - self.shell.open(host, port=port, username=username, password=password) + self.shell.open(host, port=port, username=username, password=password, key_filename=key_filename) def send(self, commands, encoding='text'): return self.shell.send(commands) diff --git a/lib/ansible/utils/module_docs_fragments/ios.py b/lib/ansible/utils/module_docs_fragments/ios.py index 4b6e53fc0cc..fe354b1f94b 100644 --- a/lib/ansible/utils/module_docs_fragments/ios.py +++ b/lib/ansible/utils/module_docs_fragments/ios.py @@ -39,20 +39,32 @@ options: description: - Configures the usename to use to authenticate the connection to the remote device. The value of I(username) is used to authenticate - the SSH session - required: true + the SSH session. If the value is not specified in the task, the + value of environment variable ANSIBLE_NET_USERNAME will be used instead. + required: false password: description: - - Specifies the password to use when authentication the connection to + - Specifies the password to use to authenticate the connection to the remote device. The value of I(password) is used to authenticate - the SSH session + the SSH session. If the value is not specified in the task, the + value of environment variable ANSIBLE_NET_PASSWORD will be used instead. required: false default: null + ssh_keyfile: + description: + - Specifies the SSH key to use to authenticate the connection to + the remote device. The value of I(ssh_keyfile) is the path to the + key used to authenticate the SSH session. If the value is not specified + in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE + will be used instead. + required: false authorize: description: - Instructs the module to enter priviledged mode on the remote device before sending any commands. If not specified, the device will - attempt to excecute all commands in non-priviledged mode. + attempt to excecute all commands in non-priviledged mode. If the value + is not specified in the task, the value of environment variable + ANSIBLE_NET_AUTHORIZE will be used instead. required: false default: no choices: ['yes', 'no'] @@ -60,7 +72,8 @@ options: description: - Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument - does nothing + does nothing. If the value is not specified in the task, the value of + environment variable ANSIBLE_NET_AUTH_PASS will be used instead. required: false default: none provider: diff --git a/lib/ansible/utils/module_docs_fragments/iosxr.py b/lib/ansible/utils/module_docs_fragments/iosxr.py index 3b9959db47c..540de6024a2 100644 --- a/lib/ansible/utils/module_docs_fragments/iosxr.py +++ b/lib/ansible/utils/module_docs_fragments/iosxr.py @@ -39,15 +39,25 @@ options: description: - Configures the usename to use to authenticate the connection to the remote device. The value of I(username) is used to authenticate - the SSH session - required: true + the SSH session. If the value is not specified in the task, the + value of environment variable ANSIBLE_NET_USERNAME will be used instead. + required: false password: description: - - Specifies the password to use when authentication the connection to + - Specifies the password to use to authenticate the connection to the remote device. The value of I(password) is used to authenticate - the SSH session + the SSH session. If the value is not specified in the task, the + value of environment variable ANSIBLE_NET_PASSWORD will be used instead. required: false default: null + ssh_keyfile: + description: + - Specifies the SSH key to use to authenticate the connection to + the remote device. The value of I(ssh_keyfile) is the path to the + key used to authenticate the SSH session. If the value is not specified + in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE + will be used instead. + required: false provider: description: - Convience method that allows all M(iosxr) arguments to be passed as diff --git a/lib/ansible/utils/module_docs_fragments/junos.py b/lib/ansible/utils/module_docs_fragments/junos.py index 96627288ca7..4f8646bcfb5 100644 --- a/lib/ansible/utils/module_docs_fragments/junos.py +++ b/lib/ansible/utils/module_docs_fragments/junos.py @@ -39,15 +39,25 @@ options: description: - Configures the usename to use to authenticate the connection to the remote device. The value of I(username) is used to authenticate - the SSH session - required: true + the SSH session. If the value is not specified in the task, the + value of environment variable ANSIBLE_NET_USERNAME will be used instead. + required: false password: description: - - Specifies the password to use when authentication the connection to + - Specifies the password to use to authenticate the connection to the remote device. The value of I(password) is used to authenticate - the SSH session + the SSH session. If the value is not specified in the task, the + value of environment variable ANSIBLE_NET_PASSWORD will be used instead. required: false default: null + ssh_keyfile: + description: + - Specifies the SSH key to use to authenticate the connection to + the remote device. The value of I(ssh_keyfile) is the path to the key + used to authenticate the SSH session. If the value is not specified in + the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE + will be used instead. + required: false provider: description: - Convience method that allows all M(ios) arguments to be passed as diff --git a/lib/ansible/utils/module_docs_fragments/openswitch.py b/lib/ansible/utils/module_docs_fragments/openswitch.py index 7a223ce7617..3a2bcdb3dfb 100644 --- a/lib/ansible/utils/module_docs_fragments/openswitch.py +++ b/lib/ansible/utils/module_docs_fragments/openswitch.py @@ -44,16 +44,25 @@ options: the remote device. The value of I(username) is used to authenticate either the CLI login or the eAPI authentication depending on which transport is used. Note this argument does not affect the SSH - transport. - required: true + transport. If the value is not specified in the task, the value of + environment variable ANSIBLE_NET_USERNAME will be used instead. + required: false password: description: - - Specifies the password to use when authentication the connection to + - Specifies the password to use to authenticate the connection to the remote device. This is a common argument used for either I(cli) or I(rest) transports. Note this argument does not affect the SSH - transport + transport. If the value is not specified in the task, the value of + environment variable ANSIBLE_NET_PASSWORD will be used instead. required: false default: null + ssh_keyfile: + description: + - Specifies the SSH key to use to authenticate the connection to + the remote device. This argument is only used for the I(cli) + transports. If the value is not specified in the task, the value of + environment variable ANSIBLE_NET_SSH_KEYFILE will be used instead. + required: false transport: description: - Configures the transport connection to use when connecting to the