def give_inventory_and_data_loader(
) -> Tuple[InventoryManager, dataloader.DataLoader, VariableManager]:
data_loader = dataloader.DataLoader()
# create the inventory, and filter it based on the subset specified (if any)
inventory = InventoryManager(loader=data_loader, sources="localhost")
inventory.add_group("all")
inventory.add_group("ungrouped")
inventory.add_host("localhost", group="ungrouped")
inventory.add_host("spire_server", group="ungrouped")
# create the variable manager, which will be shared throughout
# the code, ensuring a consistent view of global variables
var_manager = VariableManager(loader=data_loader,
inventory=inventory,
version_info=None)
var_manager.set_host_variable("spire_server", "ansible_connection",
"local")
var_manager.set_host_variable("spire_server", "ansible_host", "localhost")
python_path = sys.executable
var_manager.set_host_variable("spire_server", "ansible_python_interpreter",
python_path)
var_manager.set_host_variable("localhost", "ansible_python_interpreter",
python_path)
return inventory, data_loader, var_manager
def run_module(self, module_name='ping', module_args=None, hosts="all",
inventory_file=None, **kwargs):
if not module_args:
check_raw = module_name in ('command', 'win_command', 'shell',
'win_shell', 'script', 'raw')
module_args = parse_kv(constants.DEFAULT_MODULE_ARGS, check_raw)
conn_pass = None
if 'conn_pass' in kwargs:
conn_pass = kwargs['conn_pass']
become_pass = None
if 'become_pass' in kwargs:
become_pass = kwargs['become_pass']
passwords = {'conn_pass': conn_pass, 'become_pass': become_pass}
options = self._build_opt_dict(inventory_file, **kwargs)
variable_manager = vars.VariableManager()
loader = dataloader.DataLoader()
variable_manager.extra_vars = options.extra_vars
ansible_inv = inventory.Inventory(loader=loader,
variable_manager=variable_manager,
host_list=options.inventory)
variable_manager.set_inventory(ansible_inv)
ansible_inv.subset(options.subset)
play_ds = self._play_ds(hosts, module_name, module_args)
play_obj = play.Play().load(play_ds, variable_manager=variable_manager,
loader=loader)
try:
tqm = task_queue_manager.TaskQueueManager(
inventory=ansible_inv,
variable_manager=variable_manager,
loader=loader,
options=options,
passwords=passwords,
stdout_callback='minimal',
run_additional_callbacks=True
)
# There is no public API for adding callbacks, hence we use a
# private property to add callbacks
tqm._callback_plugins.extend(self._callbacks)
result = tqm.run(play_obj)
finally:
if tqm:
tqm.cleanup()
if loader:
loader.cleanup_all_tmp_files()
stats = tqm._stats
result = self._process_stats(stats)
return result
def vault_decrypt(value):
vault_password = cli.CLI.read_vault_password_file(
_get_vault_password_file(), dataloader.DataLoader())
this_vault = vault.VaultLib(vault_password)
try:
return this_vault.decrypt(value)
except errors.AnsibleError:
return None
def run_playbook(self, playbook_file, inventory_file=None, **kwargs):
reload(constants)
if not os.path.isfile(playbook_file):
raise exceptions.FileNotFound(name=playbook_file)
if inventory_file is None:
inventory_file = self.inventory_file
LOG.debug('Running with inventory file: %s', inventory_file)
LOG.debug('Running with playbook file: %s', playbook_file)
conn_pass = None
if 'conn_pass' in kwargs:
conn_pass = kwargs['conn_pass']
become_pass = None
if 'become_pass' in kwargs:
become_pass = kwargs['become_pass']
passwords = {'conn_pass': conn_pass, 'become_pass': become_pass}
playbooks = [playbook_file]
options = self._build_opt_dict(inventory_file, **kwargs)
variable_manager = vars.VariableManager()
loader = dataloader.DataLoader()
options.extra_vars = {six.u(key): six.u(value)
for key, value in options.extra_vars.items()}
variable_manager.extra_vars = options.extra_vars
ansible_inv = inventory.Inventory(loader=loader,
variable_manager=variable_manager,
host_list=options.inventory)
ansible_inv.set_playbook_basedir(os.path.dirname(playbook_file))
variable_manager.set_inventory(ansible_inv)
ansible_inv.subset(options.subset)
pbex = playbook_executor.PlaybookExecutor(
playbooks=playbooks,
inventory=ansible_inv,
variable_manager=variable_manager,
loader=loader,
options=options,
passwords=passwords)
self.tqm = pbex._tqm
errors_callback = ErrorsCallback()
self.add_callback(errors_callback)
# There is no public API for adding callbacks, hence we use a private
# property to add callbacks
pbex._tqm._callback_plugins.extend(self._callbacks)
status = pbex.run()
stats = pbex._tqm._stats
failed_results = errors_callback.failed_results
result = self._process_stats(stats, failed_results)
return result
def run_playbook(self, playbook_file, inventory_file=None, **kwargs):
reload(constants)
if not os.path.isfile(playbook_file):
raise exceptions.FileNotFound(name=playbook_file)
if inventory_file is None:
inventory_file = self.inventory_file
LOG.debug('Running with inventory file: %s', inventory_file)
LOG.debug('Running with playbook file: %s', playbook_file)
conn_pass = None
if 'conn_pass' in kwargs:
conn_pass = kwargs['conn_pass']
become_pass = None
if 'become_pass' in kwargs:
become_pass = kwargs['become_pass']
passwords = {'conn_pass': conn_pass, 'become_pass': become_pass}
playbooks = [playbook_file]
options = self._build_opt_dict(inventory_file, **kwargs)
if six.PY2:
options.extra_vars = json.loads(json.dumps(options.extra_vars))
loader = dataloader.DataLoader()
inventory = InventoryManager(loader=loader, sources=options.inventory)
# create the variable manager, which will be shared throughout
# the code, ensuring a consistent view of global variables
variable_manager = VariableManager(loader=loader, inventory=inventory)
variable_manager.extra_vars = options.extra_vars
inventory.subset(options.subset)
pbex = playbook_executor.PlaybookExecutor(
playbooks=playbooks,
inventory=inventory,
variable_manager=variable_manager,
loader=loader,
options=options,
passwords=passwords)
self.tqm = pbex._tqm
errors_callback = ErrorsCallback()
self.add_callback(errors_callback)
# There is no public API for adding callbacks, hence we use a private
# property to add callbacks
pbex._tqm._callback_plugins.extend(self._callbacks)
try:
pbex.run()
except errors.AnsibleParserError as e:
raise exceptions.ParsePlaybookError(msg=str(e))
stats = pbex._tqm._stats
failed_results = errors_callback.failed_results
result = self._process_stats(stats, failed_results)
return result
def _get_vault_lib():
loader = dataloader.DataLoader()
vault_ids = constants.DEFAULT_VAULT_IDENTITY_LIST
vault_secrets = cli.CLI.setup_vault_secrets(loader, vault_ids=vault_ids,
vault_password_files=[_get_vault_password_file()],
ask_vault_pass=False,
auto_prompt=False)
return vault.VaultLib(secrets=vault_secrets)
def _run_play(self, play_source, host_vars):
host_list = play_source['hosts']
loader = dataloader.DataLoader()
# FIXME(jpena): we need to behave differently if we are using
# Ansible >= 2.4.0.0. Remove when only versions > 2.4 are supported
if PRE_24_ANSIBLE:
variable_manager = VariableManager()
inventory_inst = Inventory(loader=loader,
variable_manager=variable_manager,
host_list=host_list)
variable_manager.set_inventory(inventory_inst)
else:
inventory_inst = Inventory(loader=loader,
sources=','.join(host_list) + ',')
variable_manager = VariableManager(loader=loader,
inventory=inventory_inst)
for host, variables in host_vars.items():
host_inst = inventory_inst.get_host(host)
for var_name, value in variables.items():
if value is not None:
variable_manager.set_host_variable(
host_inst, var_name, value)
storage = []
callback = MyCallback(storage)
tqm = task_queue_manager.TaskQueueManager(
inventory=inventory_inst,
variable_manager=variable_manager,
loader=loader,
options=self.options,
passwords=self.passwords,
stdout_callback=callback,
)
# create play
play_inst = play.Play().load(play_source,
variable_manager=variable_manager,
loader=loader)
# actually run it
try:
tqm.run(play_inst)
finally:
tqm.cleanup()
return storage
def _load_secrets(secrets_path, env_lookup_key=None):
if not env_lookup_key:
base, _ext = os.path.splitext(os.path.basename(secrets_path))
path_key = "%s_PASS" % base.upper()
else:
path_key = env_lookup_key
path_pass = os.getenv(path_key)
if not path_pass:
raise LookupError("Unable to find password for '%s'"
" under environment key '%s'" %
(secrets_path, path_key))
dl = dataloader.DataLoader()
if hasattr(dl, 'set_vault_password'):
dl.set_vault_password(path_pass)
else:
dl.set_vault_secrets([(C.DEFAULT_VAULT_IDENTITY,
vault.VaultSecret(path_pass))])
return _dictify(dl.load_from_file(secrets_path))
def _run_play(self, play_source, host_vars):
host_list = play_source['hosts']
loader = dataloader.DataLoader()
variable_manager = VariableManager()
inventory_inst = inventory.Inventory(loader=loader,
variable_manager=variable_manager,
host_list=host_list)
variable_manager.set_inventory(inventory_inst)
for host, variables in host_vars.items():
host_inst = inventory_inst.get_host(host)
for var_name, value in variables.items():
if value is not None:
variable_manager.set_host_variable(host_inst, var_name,
value)
storage = []
callback = MyCallback(storage)
tqm = task_queue_manager.TaskQueueManager(
inventory=inventory_inst,
variable_manager=variable_manager,
loader=loader,
options=self.options,
passwords=self.passwords,
stdout_callback=callback,
)
# create play
play_inst = play.Play().load(play_source,
variable_manager=variable_manager,
loader=loader)
# actually run it
try:
tqm.run(play_inst)
finally:
tqm.cleanup()
return storage
def _run_play(self, play_source):
host_list = play_source['hosts']
loader = dataloader.DataLoader()
variable_manager = VariableManager()
inventory_inst = inventory.Inventory(loader=loader,
variable_manager=variable_manager,
host_list=host_list)
variable_manager.set_inventory(inventory_inst)
passwords = dict(vault_pass='******')
# create play
play_inst = play.Play().load(play_source,
variable_manager=variable_manager,
loader=loader)
storage = []
callback = MyCallback(storage)
# actually run it
tqm = None
try:
tqm = task_queue_manager.TaskQueueManager(
inventory=inventory_inst,
variable_manager=variable_manager,
loader=loader,
options=self.options,
passwords=passwords,
stdout_callback=callback,
)
tqm.run(play_inst)
finally:
if tqm is not None:
tqm.cleanup()
return storage
def __init__(self, playbook, dci_context, options=None, verbosity=3):
if options is None:
self._options = Options()
self._options.verbosity = verbosity
self._options.connection = 'ssh'
self._options.become = True
self._options.become_method = 'sudo'
self._options.become_user = '******'
self._loader = dataloader.DataLoader()
self._variable_manager = vars.VariableManager()
task_queue_manager.display.verbosity = verbosity
callback.global_display.verbosity = verbosity
self._inventory = inventory.Inventory(
loader=self._loader,
variable_manager=self._variable_manager,
host_list='/etc/ansible/hosts')
self._variable_manager.set_inventory(self._inventory)
# Instantiate our Callback plugin
self._results_callback = DciCallback(dci_context=dci_context)
self._playbook = Playbook.load(playbook,
variable_manager=self._variable_manager,
loader=self._loader)
self._pbex = playbook_executor.PlaybookExecutor(
playbooks=[playbook],
inventory=self._inventory,
variable_manager=self._variable_manager,
loader=self._loader,
options=self._options,
passwords={})
def run_module(self,
module_name='ping',
module_args=None,
hosts="all",
inventory_file=None,
**kwargs):
if not module_args:
check_raw = module_name in ('command', 'win_command', 'shell',
'win_shell', 'script', 'raw')
module_args = parse_kv(constants.DEFAULT_MODULE_ARGS, check_raw)
conn_pass = None
if 'conn_pass' in kwargs:
conn_pass = kwargs['conn_pass']
become_pass = None
if 'become_pass' in kwargs:
become_pass = kwargs['become_pass']
passwords = {'conn_pass': conn_pass, 'become_pass': become_pass}
options = self._build_opt_dict(inventory_file, **kwargs)
# dynamically load any plugins
get_all_plugin_loaders()
loader = dataloader.DataLoader()
inventory = InventoryManager(loader=loader, sources=options.inventory)
# create the variable manager, which will be shared throughout
# the code, ensuring a consistent view of global variables
variable_manager = VariableManager(loader=loader, inventory=inventory)
options.extra_vars = {
six.u(key): six.u(value)
for key, value in options.extra_vars.items()
}
variable_manager.extra_vars = cli.load_extra_vars(loader, options)
inventory.subset(options.subset)
play_ds = self._play_ds(hosts, module_name, module_args)
play_obj = play.Play().load(play_ds,
variable_manager=variable_manager,
loader=loader)
try:
tqm = task_queue_manager.TaskQueueManager(
inventory=inventory,
variable_manager=variable_manager,
loader=loader,
options=options,
passwords=passwords,
stdout_callback='minimal',
run_additional_callbacks=True)
# There is no public API for adding callbacks, hence we use a
# private property to add callbacks
tqm._callback_plugins.extend(self._callbacks)
result = tqm.run(play_obj)
finally:
if tqm:
tqm.cleanup()
if loader:
loader.cleanup_all_tmp_files()
stats = tqm._stats
result = self._process_stats(stats)
return result
def vault_encrypt(value):
reload(constants)
vault_password = cli.CLI.read_vault_password_file(
constants.DEFAULT_VAULT_PASSWORD_FILE, dataloader.DataLoader())
this_vault = vault.VaultLib(vault_password)
return this_vault.encrypt(value)
def vault_encrypt(value):
vault_password = cli.CLI.read_vault_password_file(
_get_vault_password_file(), dataloader.DataLoader())
this_vault = vault.VaultLib(vault_password)
return this_vault.encrypt(value)
