From 2ad05f1238139664c87b4d55a4c797be67793979 Mon Sep 17 00:00:00 2001 From: David Wilson Date: Tue, 22 Jan 2019 00:40:32 +0000 Subject: [PATCH] issue #251, #412, #434: fix connection configuration brainwrong This refactors connection.py to pull the two huge dict-building functions out into new transport_transport_config.PlayContextSpec and MitogenViaSpec classes, leaving a lot more room to breath in both files to figure out exactly how connection configuration should work. The changes made in 1f21a30 / 3d58832 are updated or completely removed, the original change was misguided, in a bid to fix connection delegation taking variables from the wrong place when delegate_to was active. The Python path no longer defaults to '/usr/bin/python', this does not appear to be Ansible's normal behaviour. This has changed several times, so it may have to change again, and it may cause breakage after release. Connection delegation respects the c.DEFAULT_REMOTE_USER whereas the previous version simply tried to fetch whatever was in the 'ansible_user' hostvar. Many more connection delegation variables closer match vanilla's handling, but this still requires more work. Some of the variables need access to the command line, and upstream are in the process of changing all that stuff around. --- ansible_mitogen/connection.py | 347 ++++++------------ ansible_mitogen/transport_config.py | 330 +++++++++++++++++ .../delegate_to_template.yml | 2 +- .../osa_delegate_to_self.yml | 2 +- .../stack_construction.yml | 16 +- .../stub_connections/setns_lxc.yml | 1 + .../stub_connections/setns_lxd.yml | 2 +- 7 files changed, 463 insertions(+), 237 deletions(-) create mode 100644 ansible_mitogen/transport_config.py diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py index a8bb74c7..643ecb94 100644 --- a/ansible_mitogen/connection.py +++ b/ansible_mitogen/connection.py @@ -52,6 +52,7 @@ import ansible_mitogen.parsing import ansible_mitogen.process import ansible_mitogen.services import ansible_mitogen.target +import ansible_mitogen.transport_config LOG = logging.getLogger(__name__) @@ -77,15 +78,6 @@ def optional_int(value): return None -def parse_python_path(s): - """ - Given the string set for ansible_python_interpeter, parse it using shell - syntax and return an appropriate argument vector. - """ - if s: - return ansible.utils.shlex.shlex_split(s) - - def _connect_local(spec): """ Return ContextService arguments for a local connection. @@ -93,7 +85,7 @@ def _connect_local(spec): return { 'method': 'local', 'kwargs': { - 'python_path': spec['python_path'], + 'python_path': spec.python_path(), } } @@ -109,7 +101,7 @@ def _connect_ssh(spec): # #334: tilde-expand private_key_file to avoid implementation difference # between Python and OpenSSH. - private_key_file = spec['private_key_file'] + private_key_file = spec.private_key_file() if private_key_file is not None: private_key_file = os.path.expanduser(private_key_file) @@ -117,17 +109,17 @@ def _connect_ssh(spec): 'method': 'ssh', 'kwargs': { 'check_host_keys': check_host_keys, - 'hostname': spec['remote_addr'], - 'username': spec['remote_user'], - 'password': optional_secret(spec['password']), - 'port': spec['port'], - 'python_path': spec['python_path'], + 'hostname': spec.remote_addr(), + 'username': spec.remote_user(), + 'password': optional_secret(spec.password()), + 'port': spec.port(), + 'python_path': spec.python_path(), 'identity_file': private_key_file, 'identities_only': False, - 'ssh_path': spec['ssh_executable'], - 'connect_timeout': spec['ansible_ssh_timeout'], - 'ssh_args': spec['ssh_args'], - 'ssh_debug_level': spec['mitogen_ssh_debug_level'], + 'ssh_path': spec.ssh_executable(), + 'connect_timeout': spec.ansible_ssh_timeout(), + 'ssh_args': spec.ssh_args(), + 'ssh_debug_level': spec.mitogen_ssh_debug_level(), } } @@ -139,10 +131,10 @@ def _connect_docker(spec): return { 'method': 'docker', 'kwargs': { - 'username': spec['remote_user'], - 'container': spec['remote_addr'], - 'python_path': spec['python_path'], - 'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'], + 'username': spec.remote_user(), + 'container': spec.remote_addr(), + 'python_path': spec.python_path(), + 'connect_timeout': spec.ansible_ssh_timeout() or spec.timeout(), } } @@ -154,11 +146,11 @@ def _connect_kubectl(spec): return { 'method': 'kubectl', 'kwargs': { - 'pod': spec['remote_addr'], - 'python_path': spec['python_path'], - 'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'], - 'kubectl_path': spec['mitogen_kubectl_path'], - 'kubectl_args': spec['extra_args'], + 'pod': spec.remote_addr(), + 'python_path': spec.python_path(), + 'connect_timeout': spec.ansible_ssh_timeout() or spec.timeout(), + 'kubectl_path': spec.mitogen_kubectl_path(), + 'kubectl_args': spec.extra_args(), } } @@ -170,10 +162,10 @@ def _connect_jail(spec): return { 'method': 'jail', 'kwargs': { - 'username': spec['remote_user'], - 'container': spec['remote_addr'], - 'python_path': spec['python_path'], - 'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'], + 'username': spec.remote_user(), + 'container': spec.remote_addr(), + 'python_path': spec.python_path(), + 'connect_timeout': spec.ansible_ssh_timeout() or spec.timeout(), } } @@ -185,10 +177,10 @@ def _connect_lxc(spec): return { 'method': 'lxc', 'kwargs': { - 'container': spec['remote_addr'], - 'python_path': spec['python_path'], - 'lxc_attach_path': spec['mitogen_lxc_attach_path'], - 'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'], + 'container': spec.remote_addr(), + 'python_path': spec.python_path(), + 'lxc_attach_path': spec.mitogen_lxc_attach_path(), + 'connect_timeout': spec.ansible_ssh_timeout() or spec.timeout(), } } @@ -200,10 +192,10 @@ def _connect_lxd(spec): return { 'method': 'lxd', 'kwargs': { - 'container': spec['remote_addr'], - 'python_path': spec['python_path'], - 'lxc_path': spec['mitogen_lxc_path'], - 'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'], + 'container': spec.remote_addr(), + 'python_path': spec.python_path(), + 'lxc_path': spec.mitogen_lxc_path(), + 'connect_timeout': spec.ansible_ssh_timeout() or spec.timeout(), } } @@ -212,24 +204,24 @@ def _connect_machinectl(spec): """ Return ContextService arguments for a machinectl connection. """ - return _connect_setns(dict(spec, mitogen_kind='machinectl')) + return _connect_setns(spec, kind='machinectl') -def _connect_setns(spec): +def _connect_setns(spec, kind=None): """ Return ContextService arguments for a mitogen_setns connection. """ return { 'method': 'setns', 'kwargs': { - 'container': spec['remote_addr'], - 'username': spec['remote_user'], - 'python_path': spec['python_path'], - 'kind': spec['mitogen_kind'], - 'docker_path': spec['mitogen_docker_path'], - 'lxc_path': spec['mitogen_lxc_path'], - 'lxc_info_path': spec['mitogen_lxc_info_path'], - 'machinectl_path': spec['mitogen_machinectl_path'], + 'container': spec.remote_addr(), + 'username': spec.remote_user(), + 'python_path': spec.python_path(), + 'kind': kind or spec.mitogen_kind(), + 'docker_path': spec.mitogen_docker_path(), + 'lxc_path': spec.mitogen_lxc_path(), + 'lxc_info_path': spec.mitogen_lxc_info_path(), + 'machinectl_path': spec.mitogen_machinectl_path(), } } @@ -242,11 +234,11 @@ def _connect_su(spec): 'method': 'su', 'enable_lru': True, 'kwargs': { - 'username': spec['become_user'], - 'password': optional_secret(spec['become_pass']), - 'python_path': spec['python_path'], - 'su_path': spec['become_exe'], - 'connect_timeout': spec['timeout'], + 'username': spec.become_user(), + 'password': optional_secret(spec.become_pass()), + 'python_path': spec.python_path(), + 'su_path': spec.become_exe(), + 'connect_timeout': spec.timeout(), } } @@ -259,12 +251,12 @@ def _connect_sudo(spec): 'method': 'sudo', 'enable_lru': True, 'kwargs': { - 'username': spec['become_user'], - 'password': optional_secret(spec['become_pass']), - 'python_path': spec['python_path'], - 'sudo_path': spec['become_exe'], - 'connect_timeout': spec['timeout'], - 'sudo_args': spec['sudo_args'], + 'username': spec.become_user(), + 'password': optional_secret(spec.become_pass()), + 'python_path': spec.python_path(), + 'sudo_path': spec.become_exe(), + 'connect_timeout': spec.timeout(), + 'sudo_args': spec.sudo_args(), } } @@ -277,11 +269,11 @@ def _connect_doas(spec): 'method': 'doas', 'enable_lru': True, 'kwargs': { - 'username': spec['become_user'], - 'password': optional_secret(spec['become_pass']), - 'python_path': spec['python_path'], - 'doas_path': spec['become_exe'], - 'connect_timeout': spec['timeout'], + 'username': spec.become_user(), + 'password': optional_secret(spec.become_pass()), + 'python_path': spec.python_path(), + 'doas_path': spec.become_exe(), + 'connect_timeout': spec.timeout(), } } @@ -293,11 +285,11 @@ def _connect_mitogen_su(spec): return { 'method': 'su', 'kwargs': { - 'username': spec['remote_user'], - 'password': optional_secret(spec['password']), - 'python_path': spec['python_path'], - 'su_path': spec['become_exe'], - 'connect_timeout': spec['timeout'], + 'username': spec.remote_user(), + 'password': optional_secret(spec.password()), + 'python_path': spec.python_path(), + 'su_path': spec.become_exe(), + 'connect_timeout': spec.timeout(), } } @@ -309,12 +301,12 @@ def _connect_mitogen_sudo(spec): return { 'method': 'sudo', 'kwargs': { - 'username': spec['remote_user'], - 'password': optional_secret(spec['password']), - 'python_path': spec['python_path'], - 'sudo_path': spec['become_exe'], - 'connect_timeout': spec['timeout'], - 'sudo_args': spec['sudo_args'], + 'username': spec.remote_user(), + 'password': optional_secret(spec.password()), + 'python_path': spec.python_path(), + 'sudo_path': spec.become_exe(), + 'connect_timeout': spec.timeout(), + 'sudo_args': spec.sudo_args(), } } @@ -326,11 +318,11 @@ def _connect_mitogen_doas(spec): return { 'method': 'doas', 'kwargs': { - 'username': spec['remote_user'], - 'password': optional_secret(spec['password']), - 'python_path': spec['python_path'], - 'doas_path': spec['become_exe'], - 'connect_timeout': spec['timeout'], + 'username': spec.remote_user(), + 'password': optional_secret(spec.password()), + 'python_path': spec.python_path(), + 'doas_path': spec.become_exe(), + 'connect_timeout': spec.timeout(), } } @@ -357,107 +349,6 @@ CONNECTION_METHOD = { } -def config_from_play_context(transport, inventory_name, connection): - """ - Return a dict representing all important connection configuration, allowing - the same functions to work regardless of whether configuration came from - play_context (direct connection) or host vars (mitogen_via=). - """ - return { - 'transport': transport, - 'inventory_name': inventory_name, - 'remote_addr': connection._play_context.remote_addr, - 'remote_user': connection._play_context.remote_user, - 'become': connection._play_context.become, - 'become_method': connection._play_context.become_method, - 'become_user': connection._play_context.become_user, - 'become_pass': connection._play_context.become_pass, - 'password': connection._play_context.password, - 'port': connection._play_context.port, - 'python_path': parse_python_path( - connection.get_task_var('ansible_python_interpreter', - default='/usr/bin/python') - ), - 'private_key_file': connection._play_context.private_key_file, - 'ssh_executable': connection._play_context.ssh_executable, - 'timeout': connection._play_context.timeout, - 'ansible_ssh_timeout': - connection.get_task_var('ansible_ssh_timeout', - default=C.DEFAULT_TIMEOUT), - 'ssh_args': [ - mitogen.core.to_text(term) - for s in ( - getattr(connection._play_context, 'ssh_args', ''), - getattr(connection._play_context, 'ssh_common_args', ''), - getattr(connection._play_context, 'ssh_extra_args', '') - ) - for term in ansible.utils.shlex.shlex_split(s or '') - ], - 'become_exe': connection._play_context.become_exe, - 'sudo_args': [ - mitogen.core.to_text(term) - for s in ( - connection._play_context.sudo_flags, - connection._play_context.become_flags - ) - for term in ansible.utils.shlex.shlex_split(s or '') - ], - 'mitogen_via': - connection.get_task_var('mitogen_via'), - 'mitogen_kind': - connection.get_task_var('mitogen_kind'), - 'mitogen_docker_path': - connection.get_task_var('mitogen_docker_path'), - 'mitogen_kubectl_path': - connection.get_task_var('mitogen_kubectl_path'), - 'mitogen_lxc_path': - connection.get_task_var('mitogen_lxc_path'), - 'mitogen_lxc_attach_path': - connection.get_task_var('mitogen_lxc_attach_path'), - 'mitogen_lxc_info_path': - connection.get_task_var('mitogen_lxc_info_path'), - 'mitogen_machinectl_path': - connection.get_task_var('mitogen_machinectl_path'), - 'mitogen_ssh_debug_level': - optional_int( - connection.get_task_var('mitogen_ssh_debug_level') - ), - 'extra_args': - connection.get_extra_args(), - } - - -def config_from_hostvars(transport, inventory_name, connection, - hostvars, become_user): - """ - Override config_from_play_context() to take equivalent information from - host vars. - """ - config = config_from_play_context(transport, inventory_name, connection) - hostvars = dict(hostvars) - return dict(config, **{ - 'remote_addr': hostvars.get('ansible_host', inventory_name), - 'become': bool(become_user), - 'become_user': become_user, - 'become_pass': None, - 'remote_user': hostvars.get('ansible_user'), # TODO - 'password': (hostvars.get('ansible_ssh_pass') or - hostvars.get('ansible_password')), - 'port': hostvars.get('ansible_port'), - 'python_path': parse_python_path(hostvars.get('ansible_python_interpreter')), - 'private_key_file': (hostvars.get('ansible_ssh_private_key_file') or - hostvars.get('ansible_private_key_file')), - 'mitogen_via': hostvars.get('mitogen_via'), - 'mitogen_kind': hostvars.get('mitogen_kind'), - 'mitogen_docker_path': hostvars.get('mitogen_docker_path'), - 'mitogen_kubectl_path': hostvars.get('mitogen_kubectl_path'), - 'mitogen_lxc_path': hostvars.get('mitogen_lxc_path'), - 'mitogen_lxc_attach_path': hostvars.get('mitogen_lxc_attach_path'), - 'mitogen_lxc_info_path': hostvars.get('mitogen_lxc_info_path'), - 'mitogen_machinectl_path': hostvars.get('mitogen_machinctl_path'), - }) - - class CallChain(mitogen.parent.CallChain): """ Extend :class:`mitogen.parent.CallChain` to additionally cause the @@ -599,8 +490,26 @@ class Connection(ansible.plugins.connection.ConnectionBase): self._mitogen_reset(mode='put') def get_task_var(self, key, default=None): - if self._task_vars and key in self._task_vars: - return self._task_vars[key] + """ + Fetch the value of a task variable related to connection configuration, + or, if delegate_to is active, fetch the same variable via HostVars for + the delegated-to machine. + + When running with delegate_to, Ansible tasks have variables associated + with the original machine, therefore it does not make sense to extract + connection-related configuration information from them. + """ + if self._task_vars: + if self.delegate_to_hostname is None: + if key in self._task_vars: + return self._task_vars[key] + else: + delegated_vars = self._task_vars['ansible_delegated_vars'] + if self.delegate_to_hostname in delegated_vars: + task_vars = delegated_vars[self.delegate_to_hostname] + if key in task_vars: + return task_vars[key] + return default @property @@ -612,12 +521,14 @@ class Connection(ansible.plugins.connection.ConnectionBase): def connected(self): return self.context is not None - def _config_from_via(self, via_spec): + def _spec_from_via(self, via_spec): """ Produce a dict connection specifiction given a string `via_spec`, of the form `[become_user@]inventory_hostname`. """ become_user, _, inventory_name = via_spec.rpartition('@') + become_method, _, become_user = become_user.rpartition(':') + via_vars = self.host_vars[inventory_name] if isinstance(via_vars, jinja2.runtime.Undefined): raise ansible.errors.AnsibleConnectionFailure( @@ -627,39 +538,38 @@ class Connection(ansible.plugins.connection.ConnectionBase): ) ) - return config_from_hostvars( - transport=via_vars.get('ansible_connection', 'ssh'), + return ansible_mitogen.transport_config.MitogenViaSpec( inventory_name=inventory_name, - connection=self, - hostvars=via_vars, + host_vars=dict(via_vars), # TODO: make it lazy + become_method=become_method or None, become_user=become_user or None, ) unknown_via_msg = 'mitogen_via=%s of %s specifies an unknown hostname' via_cycle_msg = 'mitogen_via=%s of %s creates a cycle (%s)' - def _stack_from_config(self, config, stack=(), seen_names=()): - if config['inventory_name'] in seen_names: + def _stack_from_spec(self, spec, stack=(), seen_names=()): + if spec.inventory_name() in seen_names: raise ansible.errors.AnsibleConnectionFailure( self.via_cycle_msg % ( - config['mitogen_via'], - config['inventory_name'], + spec.mitogen_via(), + spec.inventory_name(), ' -> '.join(reversed( - seen_names + (config['inventory_name'],) + seen_names + (spec.inventory_name(),) )), ) ) - if config['mitogen_via']: - stack, seen_names = self._stack_from_config( - self._config_from_via(config['mitogen_via']), + if spec.mitogen_via(): + stack, seen_names = self._stack_from_spec( + self._spec_from_via(spec.mitogen_via()), stack=stack, - seen_names=seen_names + (config['inventory_name'],) + seen_names=seen_names + (spec.inventory_name(),), ) - stack += (CONNECTION_METHOD[config['transport']](config),) - if config['become']: - stack += (CONNECTION_METHOD[config['become_method']](config),) + stack += (CONNECTION_METHOD[spec.transport()](spec),) + if spec.become(): + stack += (CONNECTION_METHOD[spec.become_method()](spec),) return stack, seen_names @@ -675,24 +585,13 @@ class Connection(ansible.plugins.connection.ConnectionBase): broker=self.broker, ) - def _config_from_direct_connection(self): - """ - """ - return config_from_play_context( - transport=self.transport, - inventory_name=self.inventory_hostname, - connection=self - ) - - def _config_from_delegate_to(self): - return config_from_hostvars( - transport=self._play_context.connection, - inventory_name=self.delegate_to_hostname, + def _build_spec(self): + inventory_hostname = self.inventory_hostname + return ansible_mitogen.transport_config.PlayContextSpec( connection=self, - hostvars=self.host_vars[self.delegate_to_hostname], - become_user=(self._play_context.become_user - if self._play_context.become - else None), + play_context=self._play_context, + transport=self.transport, + inventory_name=inventory_hostname, ) def _build_stack(self): @@ -702,12 +601,8 @@ class Connection(ansible.plugins.connection.ConnectionBase): additionally used by the integration tests "mitogen_get_stack" action to fetch the would-be connection configuration. """ - if self.delegate_to_hostname is not None: - target_config = self._config_from_delegate_to() - else: - target_config = self._config_from_direct_connection() - - stack, _ = self._stack_from_config(target_config) + config = self._build_spec() + stack, _ = self._stack_from_spec(config) return stack def _connect_stack(self, stack): diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py new file mode 100644 index 00000000..2ad37c33 --- /dev/null +++ b/ansible_mitogen/transport_config.py @@ -0,0 +1,330 @@ + +""" +Mitogen extends Ansible's regular host configuration mechanism in several ways +that require quite a lot of care: + +* Some per-task configurables in Ansible like ansible_python_interpreter are + connection-layer configurables in Mitogen. They must be extracted during each + task execution to form the complete connection-layer configuration. + +* Mitogen has extra configurables not supported by Ansible at all, such as + mitogen_ssh_debug_level. These are extracted the same way as + ansible_python_interpreter. + +* Mitogen allows connections to be delegated to other machines. Ansible has no + internal framework for this, and so Mitogen must figure out a delegated + connection configuration all for itself. This means it cannot reuse much of + the Ansible machinery for building a connection configuration, as that + machinery is deeply spread and out hard-wired to expect Ansible's usual mode + of operation. + +For delegated connections, Ansible's PlayContext information is reused where +possible, but for proxy hops, configurations are built up using the HostVars +magic class to call VariableManager.get_vars() behind the scenes on our behalf. +Where Ansible has multiple sources of a configuration item, for example, +ansible_ssh_extra_args, Mitogen must (ideally perfectly) reproduce how Ansible +arrives at its value, without using mechanisms that are hard-wired or change +across Ansible versions. + +That is what this file is for. It exports two spec classes, one that takes all +information from PlayContext, and another that takes (almost) all information +from HostVars. +""" + +import os +import ansible.utils.shlex +import ansible.constants as C + +import mitogen.core + + +def parse_python_path(s): + """ + Given the string set for ansible_python_interpeter, parse it using shell + syntax and return an appropriate argument vector. + """ + if s: + return ansible.utils.shlex.shlex_split(s) + + +class PlayContextSpec: + """ + Return a dict representing all important connection configuration, allowing + the same functions to work regardless of whether configuration came from + play_context (direct connection) or host vars (mitogen_via=). + """ + def __init__(self, connection, play_context, transport, inventory_name): + self._connection = connection + self._play_context = play_context + self._transport = transport + self._inventory_name = inventory_name + + def transport(self): + return self._transport + + def inventory_name(self): + return self._inventory_name + + def remote_addr(self): + return self._play_context.remote_addr + + def remote_user(self): + return self._play_context.remote_user + + def become(self): + return self._play_context.become + + def become_method(self): + return self._play_context.become_method + + def become_user(self): + return self._play_context.become_user + + def become_pass(self): + return self._play_context.become_pass + + def password(self): + return self._play_context.password + + def port(self): + return self._play_context.port + + def python_path(self): + return parse_python_path( + self._connection.get_task_var('ansible_python_interpreter') + ) + + def private_key_file(self): + return self._play_context.private_key_file + + def ssh_executable(self): + return self._play_context.ssh_executable + + def timeout(self): + return self._play_context.timeout + + def ansible_ssh_timeout(self): + return ( + self._connection.get_task_var('ansible_timeout') or + self._connection.get_task_var('ansible_ssh_timeout') or + self._play_context.timeout + ) + + def ssh_args(self): + return [ + mitogen.core.to_text(term) + for s in ( + getattr(self._play_context, 'ssh_args', ''), + getattr(self._play_context, 'ssh_common_args', ''), + getattr(self._play_context, 'ssh_extra_args', '') + ) + for term in ansible.utils.shlex.shlex_split(s or '') + ] + + def become_exe(self): + return self._play_context.become_exe + + def sudo_args(self): + return [ + mitogen.core.to_text(term) + for s in ( + self._play_context.sudo_flags, + self._play_context.become_flags + ) + for term in ansible.utils.shlex.shlex_split(s or '') + ] + + def mitogen_via(self): + return self._connection.get_task_var('mitogen_via') + + def mitogen_kind(self): + return self._connection.get_task_var('mitogen_kind') + + def mitogen_docker_path(self): + return self._connection.get_task_var('mitogen_docker_path') + + def mitogen_kubectl_path(self): + return self._connection.get_task_var('mitogen_kubectl_path') + + def mitogen_lxc_path(self): + return self._connection.get_task_var('mitogen_lxc_path') + + def mitogen_lxc_attach_path(self): + return self._connection.get_task_var('mitogen_lxc_attach_path') + + def mitogen_lxc_info_path(self): + return self._connection.get_task_var('mitogen_lxc_info_path') + + def mitogen_machinectl_path(self): + return self._connection.get_task_var('mitogen_machinectl_path') + + def mitogen_ssh_debug_level(self): + return self._connection.get_task_var('mitogen_ssh_debug_level') + + def extra_args(self): + return self._connection.get_extra_args() + + +class MitogenViaSpec: + def __init__(self, inventory_name, host_vars, + become_method, become_user): + self._inventory_name = inventory_name + self._host_vars = host_vars + self._become_method = become_method + self._become_user = become_user + + def transport(self): + return ( + self._host_vars.get('ansible_connection') or + C.DEFAULT_TRANSPORT + ) + + def inventory_name(self): + return self._inventory_name + + def remote_addr(self): + return ( + self._host_vars.get('ansible_host') or + self._inventory_name + ) + + def remote_user(self): + return ( + self._host_vars.get('ansible_user') or + self._host_vars.get('ansible_ssh_user') or + C.DEFAULT_REMOTE_USER + ) + + def become(self): + return bool(self._become_user) + + def become_method(self): + return self._become_method or C.DEFAULT_BECOME_METHOD + + def become_user(self): + return self._become_user + + def become_pass(self): + return ( + # TODO: Might have to come from PlayContext. + self._host_vars.get('ansible_become_password') or + self._host_vars.get('ansible_become_pass') + ) + + def password(self): + return ( + # TODO: Might have to come from PlayContext. + self._host_vars.get('ansible_ssh_pass') or + self._host_vars.get('ansible_password') + ) + + def port(self): + return ( + self._host_vars.get('ansible_port') or + C.DEFAULT_REMOTE_PORT + ) + + def python_path(self): + s = parse_python_path( + self._host_vars.get('ansible_python_interpreter') + # This variable has no default for remote hosts. For local hosts it + # is sys.executable. + ) + print('hi ho', self.inventory_name(), s) + return s + + def private_key_file(self): + # TODO: must come from PlayContext too. + return ( + self._host_vars.get('ansible_ssh_private_key_file') or + self._host_vars.get('ansible_private_key_file') or + C.DEFAULT_PRIVATE_KEY_FILE + ) + + def ssh_executable(self): + return ( + self._host_vars.get('ansible_ssh_executable') or + C.ANSIBLE_SSH_EXECUTABLE + ) + + def timeout(self): + # TODO: must come from PlayContext too. + return C.DEFAULT_TIMEOUT + + def ansible_ssh_timeout(self): + return ( + self._host_vars.get('ansible_timeout') or + self._host_vars.get('ansible_ssh_timeout') or + self.timeout() + ) + + def ssh_args(self): + return [ + mitogen.core.to_text(term) + for s in ( + ( + self._host_vars.get('ansible_ssh_args') or + getattr(C, 'ANSIBLE_SSH_ARGS', None) or + os.environ.get('ANSIBLE_SSH_ARGS') + # TODO: ini entry. older versions. + ), + ( + self._host_vars.get('ansible_ssh_common_args') or + os.environ.get('ANSIBLE_SSH_COMMON_ARGS') + # TODO: ini entry. + ), + ( + self._host_vars.get('ansible_ssh_extra_args') or + os.environ.get('ANSIBLE_SSH_EXTRA_ARGS') + # TODO: ini entry. + ), + ) + for term in ansible.utils.shlex.shlex_split(s) + if s + ] + + def become_exe(self): + return ( + self._host_vars.get('ansible_become_exe') or + C.DEFAULT_BECOME_EXE + ) + + def sudo_args(self): + return [ + mitogen.core.to_text(term) + for s in ( + self._host_vars.get('ansible_sudo_flags') or '', + self._host_vars.get('ansible_become_flags') or '', + ) + for term in ansible.utils.shlex.shlex_split(s) + ] + + def mitogen_via(self): + return self._host_vars.get('mitogen_via') + + def mitogen_kind(self): + return self._host_vars.get('mitogen_kind') + + def mitogen_docker_path(self): + return self._host_vars.get('mitogen_docker_path') + + def mitogen_kubectl_path(self): + return self._host_vars.get('mitogen_kubectl_path') + + def mitogen_lxc_path(self): + return self.host_vars.get('mitogen_lxc_path') + + def mitogen_lxc_attach_path(self): + return self._host_vars.get('mitogen_lxc_attach_path') + + def mitogen_lxc_info_path(self): + return self._host_vars.get('mitogen_lxc_info_path') + + def mitogen_machinectl_path(self): + return self._host_vars.get('mitogen_machinectl_path') + + def mitogen_ssh_debug_level(self): + return self._host_vars.get('mitogen_ssh_debug_level') + + def extra_args(self): + return [] # TODO diff --git a/tests/ansible/integration/connection_delegation/delegate_to_template.yml b/tests/ansible/integration/connection_delegation/delegate_to_template.yml index b6b33355..1ffdc714 100644 --- a/tests/ansible/integration/connection_delegation/delegate_to_template.yml +++ b/tests/ansible/integration/connection_delegation/delegate_to_template.yml @@ -70,7 +70,7 @@ ], 'ssh_debug_level': null, 'ssh_path': 'ssh', - 'username': null, + 'username': 'ansible-cfg-remote-user', }, 'method': 'ssh', } diff --git a/tests/ansible/integration/connection_delegation/osa_delegate_to_self.yml b/tests/ansible/integration/connection_delegation/osa_delegate_to_self.yml index d8d25f9f..a761c432 100644 --- a/tests/ansible/integration/connection_delegation/osa_delegate_to_self.yml +++ b/tests/ansible/integration/connection_delegation/osa_delegate_to_self.yml @@ -25,7 +25,7 @@ 'lxc_path': null, 'machinectl_path': null, 'python_path': null, - 'username': null, + 'username': 'ansible-cfg-remote-user', }, 'method': 'setns', }, diff --git a/tests/ansible/integration/connection_delegation/stack_construction.yml b/tests/ansible/integration/connection_delegation/stack_construction.yml index 726ef5e6..1ab14218 100644 --- a/tests/ansible/integration/connection_delegation/stack_construction.yml +++ b/tests/ansible/integration/connection_delegation/stack_construction.yml @@ -43,7 +43,7 @@ "connect_timeout": 10, "doas_path": null, "password": null, - "python_path": ["/usr/bin/python"], + "python_path": null, "username": "normal-user", }, "method": "doas", @@ -108,7 +108,7 @@ 'identity_file': null, 'password': null, 'port': null, - 'python_path': ['/usr/bin/python'], + 'python_path': null, 'ssh_args': [ '-o', 'ForwardAgent=yes', @@ -155,7 +155,7 @@ 'identity_file': null, 'password': null, 'port': null, - 'python_path': ['/usr/bin/python'], + 'python_path': null, 'ssh_args': [ '-o', 'ForwardAgent=yes', @@ -166,7 +166,7 @@ ], 'ssh_debug_level': null, 'ssh_path': 'ssh', - 'username': null, + 'username': 'ansible-cfg-remote-user', }, 'method': 'ssh', }, @@ -216,7 +216,7 @@ 'identity_file': null, 'password': null, 'port': null, - 'python_path': ['/usr/bin/python'], + 'python_path': null, 'ssh_args': [ '-o', 'ForwardAgent=yes', @@ -227,7 +227,7 @@ ], 'ssh_debug_level': null, 'ssh_path': 'ssh', - 'username': null, + 'username': 'ansible-cfg-remote-user', }, 'method': 'ssh', }, @@ -263,7 +263,7 @@ 'identity_file': null, 'password': null, 'port': null, - 'python_path': ['/usr/bin/python'], + 'python_path': null, 'ssh_args': [ '-o', 'ForwardAgent=yes', @@ -363,7 +363,7 @@ 'connect_timeout': 10, 'doas_path': null, 'password': null, - 'python_path': ['/usr/bin/python'], + 'python_path': null, 'username': 'newuser-doas-normal-user', }, 'method': 'doas', diff --git a/tests/ansible/integration/stub_connections/setns_lxc.yml b/tests/ansible/integration/stub_connections/setns_lxc.yml index 4bb21db7..42f6658a 100644 --- a/tests/ansible/integration/stub_connections/setns_lxc.yml +++ b/tests/ansible/integration/stub_connections/setns_lxc.yml @@ -21,6 +21,7 @@ -e mitogen_lxc_info_path={{git_basedir}}/tests/data/stubs/stub-lxc-info.py -m shell -a "echo hi" + -u root localhost args: chdir: ../.. diff --git a/tests/ansible/integration/stub_connections/setns_lxd.yml b/tests/ansible/integration/stub_connections/setns_lxd.yml index e430daa9..b7add672 100644 --- a/tests/ansible/integration/stub_connections/setns_lxd.yml +++ b/tests/ansible/integration/stub_connections/setns_lxd.yml @@ -21,6 +21,7 @@ -e mitogen_lxc_path={{git_basedir}}/tests/data/stubs/stub-lxc.py -m shell -a "echo hi" + -u root localhost args: chdir: ../.. @@ -29,4 +30,3 @@ - assert: that: result.rc == 0 -