def ansible_playbook(environment, playbook, *cmd_args):
if os.path.isabs(playbook):
playbook_path = playbook
else:
playbook_path = os.path.join(ANSIBLE_DIR, '{playbook}'.format(playbook=playbook))
cmd_parts = (
'ansible-playbook',
playbook_path,
'-i', environment.paths.inventory_source,
'-e', '@{}'.format(environment.paths.vault_yml),
'-e', '@{}'.format(environment.paths.public_yml),
'-e', '@{}'.format(environment.paths.generated_yml),
'--diff',
) + get_limit() + cmd_args
public_vars = environment.public_vars
cmd_parts += get_user_arg(public_vars, unknown_args, use_factory_auth)
if has_arg(unknown_args, '-D', '--diff') or has_arg(unknown_args, '-C', '--check'):
puts(colored.red("Options --diff and --check not allowed. Please remove -D, --diff, -C, --check."))
puts("These ansible-playbook options are managed automatically by commcare-cloud and cannot be set manually.")
return 2 # exit code
ask_vault_pass = public_vars.get('commcare_cloud_use_vault', True)
if ask_vault_pass:
cmd_parts += ('--vault-password-file={}/echo_vault_password.sh'.format(ANSIBLE_DIR),)
cmd_parts_with_common_ssh_args = get_common_ssh_args(environment, use_factory_auth=use_factory_auth)
cmd_parts += cmd_parts_with_common_ssh_args
cmd = ' '.join(shlex_quote(arg) for arg in cmd_parts)
print_command(cmd)
env_vars = ansible_context.env_vars
if ask_vault_pass:
env_vars['ANSIBLE_VAULT_PASSWORD'] = environment.get_ansible_vault_password()
return subprocess.call(cmd_parts, env=env_vars)
def ansible_playbook(environment, playbook, *cmd_args):
if os.path.isabs(playbook):
playbook_path = playbook
else:
playbook_path = os.path.join(
ANSIBLE_DIR, '{playbook}'.format(playbook=playbook))
cmd_parts = (
'ansible-playbook',
playbook_path,
'-i',
environment.paths.inventory_ini,
'-e',
'@{}'.format(environment.paths.vault_yml),
'-e',
'@{}'.format(environment.paths.public_yml),
'-e',
'@{}'.format(environment.paths.generated_yml),
'--diff',
) + get_limit() + cmd_args
public_vars = environment.public_vars
cmd_parts += get_user_arg(public_vars, unknown_args)
if not has_arg(unknown_args, '-f', '--forks'):
cmd_parts += ('--forks', '15')
if has_arg(unknown_args, '-D', '--diff') or has_arg(
unknown_args, '-C', '--check'):
puts(
colored.red(
"Options --diff and --check not allowed. Please remove -D, --diff, -C, --check."
))
puts(
"These ansible-playbook options are managed automatically by commcare-cloud and cannot be set manually."
)
return 2 # exit code
ask_vault_pass = public_vars.get('commcare_cloud_use_vault', True)
if ask_vault_pass:
cmd_parts += ('--vault-password-file=/bin/cat', )
cmd_parts_with_common_ssh_args = get_common_ssh_args(
environment, use_factory_auth=use_factory_auth)
cmd_parts += cmd_parts_with_common_ssh_args
cmd = ' '.join(shlex_quote(arg) for arg in cmd_parts)
print_command(cmd)
if ask_vault_pass:
environment.get_ansible_vault_password()
p = subprocess.Popen(cmd,
stdin=subprocess.PIPE,
shell=True,
env=ansible_context.env_vars)
if ask_vault_pass:
p.communicate(
input='{}\n'.format(environment.get_ansible_vault_password()))
else:
p.communicate()
return p.returncode
def ansible_playbook(environment, playbook, *cmd_args):
cmd_parts = (
'ansible-playbook',
os.path.join(ANSIBLE_DIR,
'{playbook}'.format(playbook=playbook)),
'-i',
environment.paths.inventory_ini,
'-e',
'@{}'.format(environment.paths.vault_yml),
'-e',
'@{}'.format(environment.paths.public_yml),
'-e',
'@{}'.format(environment.paths.generated_yml),
'--diff',
) + cmd_args
if not has_arg(unknown_args, '-u', '--user'):
cmd_parts += ('-u', 'ansible')
if not has_arg(unknown_args, '-f', '--forks'):
cmd_parts += ('--forks', '15')
known_hosts_filepath = environment.paths.known_hosts
if os.path.exists(known_hosts_filepath):
cmd_parts += ("--ssh-common-args='-o=UserKnownHostsFile=%s'" %
(known_hosts_filepath, ), )
if has_arg(unknown_args, '-D', '--diff') or has_arg(
unknown_args, '-C', '--check'):
puts(
colored.red(
"Options --diff and --check not allowed. Please remove -D, --diff, -C, --check."
))
puts(
"These ansible-playbook options are managed automatically by commcare-cloud and cannot be set manually."
)
return 2 # exit code
if ask_vault_pass:
cmd_parts += ('--vault-password-file=/bin/cat', )
cmd_parts += get_common_ssh_args(public_vars)
cmd = ' '.join(shlex_quote(arg) for arg in cmd_parts)
print_command(cmd)
if ask_vault_pass:
environment.get_ansible_vault_password()
p = subprocess.Popen(cmd,
stdin=subprocess.PIPE,
shell=True,
env=ansible_context.env_vars)
if ask_vault_pass:
p.communicate(input='{}\n'.format(
environment.get_ansible_vault_password()))
else:
p.communicate()
return p.returncode
def ansible_playbook(environment, playbook, *cmd_args):
if os.path.isabs(playbook):
playbook_path = playbook
else:
playbook_path = os.path.join(
ANSIBLE_DIR, '{playbook}'.format(playbook=playbook))
cmd_parts = (
'ansible-playbook',
playbook_path,
'-i',
environment.paths.inventory_source,
'-e',
'@{}'.format(environment.paths.vault_yml),
'-e',
'@{}'.format(environment.paths.public_yml),
'-e',
'@{}'.format(environment.paths.generated_yml),
'--diff',
) + get_limit() + cmd_args
public_vars = environment.public_vars
cmd_parts += get_user_arg(public_vars, unknown_args, use_factory_auth)
if has_arg(unknown_args, '-D', '--diff') or has_arg(
unknown_args, '-C', '--check'):
puts(
color_error("Options --diff and --check not allowed. "
"Please remove -D, --diff, -C, --check."))
puts(
color_error(
"These ansible-playbook options are managed automatically "
"by commcare-cloud and cannot be set manually."))
return 2 # exit code
ask_vault_pass = public_vars.get('commcare_cloud_use_vault', True)
if ask_vault_pass:
cmd_parts += ('--vault-password-file={}/echo_vault_password.sh'.
format(ANSIBLE_DIR), )
cmd_parts_with_common_ssh_args = get_common_ssh_args(
environment, use_factory_auth=use_factory_auth)
cmd_parts += cmd_parts_with_common_ssh_args
cmd = ' '.join(shlex_quote(arg) for arg in cmd_parts)
print_command(cmd)
env_vars = ansible_context.env_vars
if ask_vault_pass:
env_vars[
'ANSIBLE_VAULT_PASSWORD'] = environment.get_ansible_vault_password(
)
return subprocess.call(cmd_parts, env=env_vars)
def get_user_arg(public_vars, unknown_args, use_factory_auth=False):
cmd_parts = tuple()
if use_factory_auth:
default_user = public_vars.get('commcare_cloud_root_user', 'root')
else:
default_user = '******'
if not has_arg(unknown_args, '-u', '--user'):
user = public_vars.get('commcare_cloud_remote_user', default_user)
cmd_parts += ('-u', user)
return cmd_parts
def ansible_playbook(environment, playbook, *cmd_args):
if os.path.isabs(playbook):
playbook_path = playbook
else:
playbook_path = os.path.join(
ANSIBLE_DIR, '{playbook}'.format(playbook=playbook))
cmd_parts = (
'ansible-playbook',
playbook_path,
'-i',
environment.paths.inventory_source,
'-e',
'@{}'.format(environment.paths.public_yml),
'-e',
'@{}'.format(environment.paths.generated_yml),
'--diff',
) + get_limit() + cmd_args
public_vars = environment.public_vars
env_vars = ansible_context.env_vars
cmd_parts += get_user_arg(public_vars, unknown_args, use_factory_auth)
if has_arg(unknown_args, '-D', '--diff') or has_arg(
unknown_args, '-C', '--check'):
puts(
color_error("Options --diff and --check not allowed. "
"Please remove -D, --diff, -C, --check."))
puts(
color_error(
"These ansible-playbook options are managed automatically "
"by commcare-cloud and cannot be set manually."))
return 2 # exit code
cmd_parts += environment.secrets_backend.get_extra_ansible_args()
cmd_parts_with_common_ssh_args = get_common_ssh_args(
environment, use_factory_auth=use_factory_auth)
cmd_parts += cmd_parts_with_common_ssh_args
cmd = ' '.join(shlex_quote(arg) for arg in cmd_parts)
print_command(cmd)
env_vars.update(
environment.secrets_backend.get_extra_ansible_env_vars())
return subprocess.call(cmd_parts, env=env_vars)
def get_user_arg(public_vars, unknown_args, use_factory_auth=False):
cmd_parts = tuple()
if use_factory_auth:
default_user = public_vars.get('commcare_cloud_root_user', 'root')
else:
default_user = '******'
if not has_arg(unknown_args, '-u', '--user'):
user = public_vars.get('commcare_cloud_remote_user', default_user)
cmd_parts += ('-u', user)
return cmd_parts