|
|
|
@ -258,8 +258,8 @@ def check_conditional(conditional, basedir, inject, fail_on_undefined=False):
|
|
|
|
conditional = template.template(basedir, presented, inject)
|
|
|
|
conditional = template.template(basedir, presented, inject)
|
|
|
|
val = conditional.strip()
|
|
|
|
val = conditional.strip()
|
|
|
|
if val == presented:
|
|
|
|
if val == presented:
|
|
|
|
# the templating failed, meaning most likely a
|
|
|
|
# the templating failed, meaning most likely a
|
|
|
|
# variable was undefined. If we happened to be
|
|
|
|
# variable was undefined. If we happened to be
|
|
|
|
# looking for an undefined variable, return True,
|
|
|
|
# looking for an undefined variable, return True,
|
|
|
|
# otherwise fail
|
|
|
|
# otherwise fail
|
|
|
|
if "is undefined" in conditional:
|
|
|
|
if "is undefined" in conditional:
|
|
|
|
@ -282,7 +282,7 @@ def is_executable(path):
|
|
|
|
or stat.S_IXOTH & os.stat(path)[stat.ST_MODE])
|
|
|
|
or stat.S_IXOTH & os.stat(path)[stat.ST_MODE])
|
|
|
|
|
|
|
|
|
|
|
|
def unfrackpath(path):
|
|
|
|
def unfrackpath(path):
|
|
|
|
'''
|
|
|
|
'''
|
|
|
|
returns a path that is free of symlinks, environment
|
|
|
|
returns a path that is free of symlinks, environment
|
|
|
|
variables, relative path traversals and symbols (~)
|
|
|
|
variables, relative path traversals and symbols (~)
|
|
|
|
example:
|
|
|
|
example:
|
|
|
|
@ -511,10 +511,10 @@ def process_common_errors(msg, probline, column):
|
|
|
|
|
|
|
|
|
|
|
|
if ":{{" in replaced and "}}" in replaced:
|
|
|
|
if ":{{" in replaced and "}}" in replaced:
|
|
|
|
msg = msg + """
|
|
|
|
msg = msg + """
|
|
|
|
This one looks easy to fix. YAML thought it was looking for the start of a
|
|
|
|
This one looks easy to fix. YAML thought it was looking for the start of a
|
|
|
|
hash/dictionary and was confused to see a second "{". Most likely this was
|
|
|
|
hash/dictionary and was confused to see a second "{". Most likely this was
|
|
|
|
meant to be an ansible template evaluation instead, so we have to give the
|
|
|
|
meant to be an ansible template evaluation instead, so we have to give the
|
|
|
|
parser a small hint that we wanted a string instead. The solution here is to
|
|
|
|
parser a small hint that we wanted a string instead. The solution here is to
|
|
|
|
just quote the entire value.
|
|
|
|
just quote the entire value.
|
|
|
|
|
|
|
|
|
|
|
|
For instance, if the original line was:
|
|
|
|
For instance, if the original line was:
|
|
|
|
@ -529,9 +529,9 @@ It should be written as:
|
|
|
|
|
|
|
|
|
|
|
|
elif len(probline) and len(probline) > 1 and len(probline) > column and probline[column] == ":" and probline.count(':') > 1:
|
|
|
|
elif len(probline) and len(probline) > 1 and len(probline) > column and probline[column] == ":" and probline.count(':') > 1:
|
|
|
|
msg = msg + """
|
|
|
|
msg = msg + """
|
|
|
|
This one looks easy to fix. There seems to be an extra unquoted colon in the line
|
|
|
|
This one looks easy to fix. There seems to be an extra unquoted colon in the line
|
|
|
|
and this is confusing the parser. It was only expecting to find one free
|
|
|
|
and this is confusing the parser. It was only expecting to find one free
|
|
|
|
colon. The solution is just add some quotes around the colon, or quote the
|
|
|
|
colon. The solution is just add some quotes around the colon, or quote the
|
|
|
|
entire line after the first colon.
|
|
|
|
entire line after the first colon.
|
|
|
|
|
|
|
|
|
|
|
|
For instance, if the original line was:
|
|
|
|
For instance, if the original line was:
|
|
|
|
@ -543,7 +543,7 @@ It can be written as:
|
|
|
|
copy: src=file.txt dest='/path/filename:with_colon.txt'
|
|
|
|
copy: src=file.txt dest='/path/filename:with_colon.txt'
|
|
|
|
|
|
|
|
|
|
|
|
Or:
|
|
|
|
Or:
|
|
|
|
|
|
|
|
|
|
|
|
copy: 'src=file.txt dest=/path/filename:with_colon.txt'
|
|
|
|
copy: 'src=file.txt dest=/path/filename:with_colon.txt'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -563,8 +563,8 @@ Or:
|
|
|
|
unbalanced = True
|
|
|
|
unbalanced = True
|
|
|
|
if match:
|
|
|
|
if match:
|
|
|
|
msg = msg + """
|
|
|
|
msg = msg + """
|
|
|
|
This one looks easy to fix. It seems that there is a value started
|
|
|
|
This one looks easy to fix. It seems that there is a value started
|
|
|
|
with a quote, and the YAML parser is expecting to see the line ended
|
|
|
|
with a quote, and the YAML parser is expecting to see the line ended
|
|
|
|
with the same kind of quote. For instance:
|
|
|
|
with the same kind of quote. For instance:
|
|
|
|
|
|
|
|
|
|
|
|
when: "ok" in result.stdout
|
|
|
|
when: "ok" in result.stdout
|
|
|
|
@ -582,9 +582,9 @@ or equivalently:
|
|
|
|
|
|
|
|
|
|
|
|
if unbalanced:
|
|
|
|
if unbalanced:
|
|
|
|
msg = msg + """
|
|
|
|
msg = msg + """
|
|
|
|
We could be wrong, but this one looks like it might be an issue with
|
|
|
|
We could be wrong, but this one looks like it might be an issue with
|
|
|
|
unbalanced quotes. If starting a value with a quote, make sure the
|
|
|
|
unbalanced quotes. If starting a value with a quote, make sure the
|
|
|
|
line ends with the same set of quotes. For instance this arbitrary
|
|
|
|
line ends with the same set of quotes. For instance this arbitrary
|
|
|
|
example:
|
|
|
|
example:
|
|
|
|
|
|
|
|
|
|
|
|
foo: "bad" "wolf"
|
|
|
|
foo: "bad" "wolf"
|
|
|
|
@ -625,8 +625,8 @@ Note: The error may actually appear before this position: line %s, column %s
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
msg = msg + """
|
|
|
|
msg = msg + """
|
|
|
|
We could be wrong, but this one looks like it might be an issue with
|
|
|
|
We could be wrong, but this one looks like it might be an issue with
|
|
|
|
missing quotes. Always quote template expression brackets when they
|
|
|
|
missing quotes. Always quote template expression brackets when they
|
|
|
|
start a value. For instance:
|
|
|
|
start a value. For instance:
|
|
|
|
|
|
|
|
|
|
|
|
with_items:
|
|
|
|
with_items:
|
|
|
|
- {{ foo }}
|
|
|
|
- {{ foo }}
|
|
|
|
@ -634,7 +634,7 @@ start a value. For instance:
|
|
|
|
Should be written as:
|
|
|
|
Should be written as:
|
|
|
|
|
|
|
|
|
|
|
|
with_items:
|
|
|
|
with_items:
|
|
|
|
- "{{ foo }}"
|
|
|
|
- "{{ foo }}"
|
|
|
|
|
|
|
|
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
@ -894,9 +894,9 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False,
|
|
|
|
help='use this file to authenticate the connection')
|
|
|
|
help='use this file to authenticate the connection')
|
|
|
|
parser.add_option('-K', '--ask-sudo-pass', default=False, dest='ask_sudo_pass', action='store_true',
|
|
|
|
parser.add_option('-K', '--ask-sudo-pass', default=False, dest='ask_sudo_pass', action='store_true',
|
|
|
|
help='ask for sudo password')
|
|
|
|
help='ask for sudo password')
|
|
|
|
parser.add_option('--ask-su-pass', default=False, dest='ask_su_pass', action='store_true',
|
|
|
|
parser.add_option('--ask-su-pass', default=False, dest='ask_su_pass', action='store_true',
|
|
|
|
help='ask for su password')
|
|
|
|
help='ask for su password')
|
|
|
|
parser.add_option('--ask-vault-pass', default=False, dest='ask_vault_pass', action='store_true',
|
|
|
|
parser.add_option('--ask-vault-pass', default=False, dest='ask_vault_pass', action='store_true',
|
|
|
|
help='ask for vault password')
|
|
|
|
help='ask for vault password')
|
|
|
|
parser.add_option('--vault-password-file', default=constants.DEFAULT_VAULT_PASSWORD_FILE,
|
|
|
|
parser.add_option('--vault-password-file', default=constants.DEFAULT_VAULT_PASSWORD_FILE,
|
|
|
|
dest='vault_password_file', help="vault password file")
|
|
|
|
dest='vault_password_file', help="vault password file")
|
|
|
|
@ -1176,8 +1176,8 @@ def safe_eval(expr, locals={}, include_exceptions=False):
|
|
|
|
http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe
|
|
|
|
http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe
|
|
|
|
'''
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
|
|
# this is the whitelist of AST nodes we are going to
|
|
|
|
# this is the whitelist of AST nodes we are going to
|
|
|
|
# allow in the evaluation. Any node type other than
|
|
|
|
# allow in the evaluation. Any node type other than
|
|
|
|
# those listed here will raise an exception in our custom
|
|
|
|
# those listed here will raise an exception in our custom
|
|
|
|
# visitor class defined below.
|
|
|
|
# visitor class defined below.
|
|
|
|
SAFE_NODES = set(
|
|
|
|
SAFE_NODES = set(
|
|
|
|
@ -1430,3 +1430,9 @@ def _load_vars_from_folder(folder_path, results, vault_password=None):
|
|
|
|
_found, results = _load_vars_from_path(path, results, vault_password=vault_password)
|
|
|
|
_found, results = _load_vars_from_path(path, results, vault_password=vault_password)
|
|
|
|
return results
|
|
|
|
return results
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def update_hash(hash, key, new_value):
|
|
|
|
|
|
|
|
''' used to avoid nested .update calls on the parent '''
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
value = hash.get(key, {})
|
|
|
|
|
|
|
|
value.update(new_value)
|
|
|
|
|
|
|
|
hash[key] = value
|
|
|
|
|
Michael DeHaan
10 years ago