ansible-pull: expand destinantion directoy to avoid purgin in / (#82030)

* expand destinantion directoy to avoid purgin in / bad things could happen and help alone is not enough
7 months ago · 8825e60add
parent 05259aa6ce
commit 8825e60add
3 changed files with 9 additions and 3 deletions
--- a/changelogs/fragments/pull_unfrack_dest.yml
+++ b/changelogs/fragments/pull_unfrack_dest.yml
@ -0,0 +1,2 @@
+bugfixes:
+  - ansible-pull now will expand relative paths for the ``-d|--directory`` option is now expanded before use.
--- a/lib/ansible/cli/pull.py
+++ b/lib/ansible/cli/pull.py
@ -28,6 +28,7 @@ from ansible.plugins.loader import module_loader
 from ansible.utils.cmd_functions import run_cmd
 from ansible.utils.display import Display

+
 display = Display()


@ -101,8 +102,8 @@ class PullCLI(CLI):
                                      'This is a useful way to disperse git requests')
        self.parser.add_argument('-f', '--force', dest='force', default=False, action='store_true',
                                 help='run the playbook even if the repository could not be updated')
-        self.parser.add_argument('-d', '--directory', dest='dest', default=None,
-                                 help='absolute path of repository checkout directory (relative paths are not supported)')
+        self.parser.add_argument('-d', '--directory', dest='dest', default=None, type=opt_help.unfrack_path(),
+                                 help='path to the directory to which Ansible will checkout the repository.')
        self.parser.add_argument('-U', '--url', dest='url', default=None, help='URL of the playbook repository')
        self.parser.add_argument('--full', dest='fullclone', action='store_true', help='Do a full clone, instead of a shallow one.')
        self.parser.add_argument('-C', '--checkout', dest='checkout',
@ -133,7 +134,6 @@ class PullCLI(CLI):
            hostname = socket.getfqdn()
            # use a hostname dependent directory, in case of $HOME on nfs
            options.dest = os.path.join(C.ANSIBLE_HOME, 'pull', hostname)
-        options.dest = os.path.expandvars(os.path.expanduser(options.dest))

        if os.path.exists(options.dest) and not os.path.isdir(options.dest):
            raise AnsibleOptionsError("%s is not a valid or accessible directory." % options.dest)
@ -313,6 +313,7 @@ class PullCLI(CLI):
        if context.CLIARGS['purge']:
            os.chdir('/')
            try:
+                display.debug("removing: %s" % context.CLIARGS['dest'])
                shutil.rmtree(context.CLIARGS['dest'])
            except Exception as e:
                display.error(u"Failed to remove %s: %s" % (context.CLIARGS['dest'], to_text(e)))
--- a/test/integration/targets/ansible-pull/runme.sh
+++ b/test/integration/targets/ansible-pull/runme.sh
@ -88,3 +88,6 @@ ANSIBLE_CONFIG='' ansible-pull -d "${pull_dir}" -U "${repo_dir}" "$@" multi_play
 pass_tests_multi

 ANSIBLE_CONFIG='' ansible-pull -d "${pull_dir}" -U "${repo_dir}" conn_secret.yml --connection-password-file "${repo_dir}/secret_connection_password" "$@"
+
+# fail if we try do delete /var/tmp
+ANSIBLE_CONFIG='' ansible-pull -d var/tmp -U "${repo_dir}" --purge "$@"