Merge 22d8712ee4 into a7e666829e

changelogs/fragments/yaml_filters_ansilbe_yaml.yml

@@ -0,0 +1,2 @@
+minor_changes:
+  - filters from_yaml and from_yaml_all now accept 'Ansible specific Yaml', which includes vaults and `!unsafe` custom constructors.

lib/ansible/parsing/utils/yaml.py

@@ -41,12 +41,15 @@ def _handle_error(json_exc, yaml_exc, file_name, show_content):
     raise AnsibleParserError(n_err_msg, obj=err_obj, show_content=show_content, orig_exc=yaml_exc)
 
 
-def _safe_load(stream, file_name=None, vault_secrets=None):
+def _safe_load(stream, file_name=None, vault_secrets=None, all_docs=False):
     ''' Implements yaml.safe_load(), except using our custom loader class. '''
 
     loader = AnsibleLoader(stream, file_name, vault_secrets)
     try:
-        return loader.get_single_data()
+        if all_docs:
+            return loader.get_data()
+        else:
+            return loader.get_single_data()
     finally:
         try:
             loader.dispose()
@@ -54,7 +57,7 @@ def _safe_load(stream, file_name=None, vault_secrets=None):
             pass  # older versions of yaml don't have dispose function, ignore
 
 
-def from_yaml(data, file_name='<string>', show_content=True, vault_secrets=None, json_only=False):
+def from_yaml(data, file_name='<string>', show_content=True, vault_secrets=None, json_only=False, all_docs=False):
     '''
     Creates a python datastructure from the given data, which can be either
     a JSON or YAML string.
@@ -75,8 +78,12 @@ def from_yaml(data, file_name='<string>', show_content=True, vault_secrets=None,
 
         # must not be JSON, let the rest try
         try:
-            new_data = _safe_load(data, file_name=file_name, vault_secrets=vault_secrets)
+            new_data = _safe_load(data, file_name=file_name, vault_secrets=vault_secrets, all_docs=all_docs)
         except YAMLError as yaml_exc:
             _handle_error(json_exc, yaml_exc, file_name, show_content)
 
     return new_data
+
+
+def from_yaml_all(data, file_name='<string>', show_content=True, vault_secrets=None, json_only=False):
+    return from_yaml(data, file_name=file_name, show_content=show_content, vault_secrets=vault_secrets, json_only=json_only, all_docs=True)

lib/ansible/plugins/filter/core.py

@@ -27,8 +27,9 @@ from ansible.errors import AnsibleError, AnsibleFilterError, AnsibleFilterTypeEr
 from ansible.module_utils.six import string_types, integer_types, reraise, text_type
 from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
 from ansible.module_utils.common.collections import is_sequence
-from ansible.module_utils.common.yaml import yaml_load, yaml_load_all
 from ansible.parsing.ajson import AnsibleJSONEncoder
+from ansible.parsing.utils.yaml import from_yaml as yaml_load
+from ansible.parsing.utils.yaml import from_yaml_all as yaml_load_all
 from ansible.parsing.yaml.dumper import AnsibleDumper
 from ansible.template import recursive_check_defined
 from ansible.utils.display import Display

test/integration/targets/filter_core/tasks/main.yml

@@ -397,10 +397,13 @@
     that:
       - "'---\nbananas: yellow\napples: red'|from_yaml == {'bananas': 'yellow', 'apples': 'red'}"
       - "2|from_yaml == 2"
+      - "2|from_yaml == 2"
       - "'---\nbananas: yellow\n---\napples: red'|from_yaml_all|list == [{'bananas': 'yellow'}, {'apples': 'red'}]"
       - "2|from_yaml_all == 2"
       - "unsafe_fruit|from_yaml == {'bananas': 'yellow', 'apples': 'red'}"
       - "unsafe_fruit_all|from_yaml_all|list == [{'bananas': 'yellow'}, {'apples': 'red'}]"
+      # direclty check unsafe as 'indirect' is already made 'safe for yaml'
+      - "'---\nbananas: !unsafe yellow\napples: red'|from_yaml == {'bananas': 'yellow', 'apples': 'red'}"
   vars:
     unsafe_fruit: !unsafe |
       ---