def _check_version_added(self, doc):
if not self._is_new_module():
return
try:
version_added = StrictVersion(str(doc.get('version_added', '0.0')))
except ValueError:
version_added = doc.get('version_added', '0.0')
self.reporter.error(
path=self.object_path,
code=306,
msg='version_added is not a valid version number: %r' %
version_added)
return
should_be = '.'.join(ansible_version.split('.')[:2])
strict_ansible_version = StrictVersion(should_be)
if (version_added < strict_ansible_version
or strict_ansible_version < version_added):
self.reporter.error(
path=self.object_path,
code=307,
msg='version_added should be %s. Currently %s' %
(should_be, version_added))
def _check_version_added(self, doc):
if not self._is_new_module():
return
try:
version_added = StrictVersion(str(doc.get('version_added', '0.0')))
except ValueError:
version_added = doc.get('version_added', '0.0')
self.reporter.error(
path=self.object_path,
code=306,
msg='version_added is not a valid version number: %r' % version_added
)
return
should_be = '.'.join(ansible_version.split('.')[:2])
strict_ansible_version = StrictVersion(should_be)
if (version_added < strict_ansible_version or
strict_ansible_version < version_added):
self.reporter.error(
path=self.object_path,
code=307,
msg='version_added should be %s. Currently %s' % (should_be, version_added)
)
def _check_for_new_args(self, doc):
if self._is_new_module():
return
with CaptureStd():
try:
existing = module_loader.find_plugin(self.name, mod_type='.py')
existing_doc, _, _ = get_docstring(existing, verbose=True)
existing_options = existing_doc.get('options', {})
except AssertionError:
fragment = doc['extends_documentation_fragment']
self.warnings.append('Pre-existing DOCUMENTATION fragment '
'missing: %s' % fragment)
return
except Exception as e:
self.warning_traces.append(e)
self.warnings.append('Unknown pre-existing DOCUMENTATION '
'error, see TRACE. Submodule refs may '
'need updated')
return
try:
mod_version_added = StrictVersion(
str(existing_doc.get('version_added', '0.0'))
)
except ValueError:
mod_version_added = StrictVersion('0.0')
options = doc.get('options', {})
should_be = '.'.join(ansible_version.split('.')[:2])
strict_ansible_version = StrictVersion(should_be)
for option, details in options.iteritems():
new = not bool(existing_options.get(option))
if not new:
continue
try:
version_added = StrictVersion(
str(details.get('version_added', '0.0'))
)
except ValueError:
version_added = details.get('version_added', '0.0')
self.errors.append('version_added for new option (%s) '
'is not a valid version number: %r' %
(option, version_added))
continue
except:
# If there is any other exception it should have been caught
# in schema validation, so we won't duplicate errors by
# listing it again
continue
if (strict_ansible_version != mod_version_added and
(version_added < strict_ansible_version or
strict_ansible_version < version_added)):
self.errors.append('version_added for new option (%s) should '
'be %s. Currently %s' %
(option, should_be, version_added))
def _check_version_added(self, doc):
if not self._is_new_module():
return
try:
version_added = StrictVersion(str(doc.get("version_added", "0.0")))
except ValueError:
version_added = doc.get("version_added", "0.0")
self.errors.append("version_added is not a valid version " "number: %r" % version_added)
return
should_be = ".".join(ansible_version.split(".")[:2])
strict_ansible_version = StrictVersion(should_be)
if version_added < strict_ansible_version or strict_ansible_version < version_added:
self.errors.append("version_added should be %s. Currently %s" % (should_be, version_added))
def _check_version_added(self, doc):
if not self._is_new_module():
return
try:
version_added = StrictVersion(str(doc.get('version_added', '0.0')))
except ValueError:
version_added = doc.get('version_added', '0.0')
self.errors.append('version_added is not a valid version '
'number: %r' % version_added)
return
strict_ansible_version = StrictVersion(ansible_version)
should_be = '.'.join(ansible_version.split('.')[:2])
if (version_added < strict_ansible_version or
strict_ansible_version < version_added):
self.errors.append('version_added should be %s. Currently %s' %
(should_be, version_added))
import os
import shutil
import subprocess
import sys
import tempfile
from typing import TYPE_CHECKING, Dict, List
from ansible import __version__ as ansible_version_str
from ansiblelint.runner import Runner
if TYPE_CHECKING:
from ansiblelint.errors import MatchError
ANSIBLE_MAJOR_VERSION = tuple(map(int, ansible_version_str.split('.')[:2]))
class RunFromText(object):
"""Use Runner on temp files created from unittest text snippets."""
def __init__(self, collection):
"""Initialize a RunFromText instance with rules collection."""
self.collection = collection
def _call_runner(self, path) -> List["MatchError"]:
runner = Runner(self.collection, path)
return runner.run()
def run_playbook(self, playbook_text):
play_root = tempfile.mkdtemp()
with open(os.path.join(play_root, 'playbook.yml'), 'w') as fp:
def _check_for_new_args(self, doc):
if not self.base_branch or self._is_new_module():
return
with CaptureStd():
try:
existing_doc, _, _, _ = get_docstring(self.base_module,
verbose=True)
existing_options = existing_doc.get('options', {})
except AssertionError:
fragment = doc['extends_documentation_fragment']
self.reporter.warning(
path=self.object_path,
code=392,
msg='Pre-existing DOCUMENTATION fragment missing: %s' %
fragment)
return
except Exception as e:
self.reporter.warning_trace(path=self.object_path, tracebk=e)
self.reporter.warning(
path=self.object_path,
code=391,
msg=('Unknown pre-existing DOCUMENTATION '
'error, see TRACE. Submodule refs may '
'need updated'))
return
try:
mod_version_added = StrictVersion(
str(existing_doc.get('version_added', '0.0')))
except ValueError:
mod_version_added = StrictVersion('0.0')
options = doc.get('options', {})
should_be = '.'.join(ansible_version.split('.')[:2])
strict_ansible_version = StrictVersion(should_be)
for option, details in options.items():
try:
names = [option] + details.get('aliases', [])
except AttributeError:
# Reporting of this syntax error will be handled by schema validation.
continue
if any(name in existing_options for name in names):
continue
try:
version_added = StrictVersion(
str(details.get('version_added', '0.0')))
except ValueError:
version_added = details.get('version_added', '0.0')
self.reporter.error(path=self.object_path,
code=308,
msg=('version_added for new option (%s) '
'is not a valid version number: %r' %
(option, version_added)))
continue
except:
# If there is any other exception it should have been caught
# in schema validation, so we won't duplicate errors by
# listing it again
continue
if (strict_ansible_version != mod_version_added
and (version_added < strict_ansible_version
or strict_ansible_version < version_added)):
self.reporter.error(
path=self.object_path,
code=309,
msg=('version_added for new option (%s) should '
'be %s. Currently %s' %
(option, should_be, version_added)))
def get_ansible_version():
from ansible import __version__
return tuple(int(x) for x in __version__.split('.'))
from collections import namedtuple
from operator import attrgetter
from pathlib import Path
from tempfile import TemporaryDirectory
import ansible.constants as C
from ansible import context, __version__
from ansible.galaxy import Galaxy
from ansible.galaxy.api import CollectionVersionMetadata, GalaxyAPI
from ansible.galaxy.collection import CollectionRequirement
from resolvelib import AbstractProvider, BaseReporter, Resolver
IS_BELOW_ANSIBLE_210 = tuple(map(int, __version__.split('.')[:2])) < (2, 10)
# NOTE: "src" and "type" fields are reserved for future use.
# NOTE: They are currently unused because the code ignores non-Galaxy
# NOTE: locations.
Requirement = namedtuple('Requirement', ('fqcn', 'ver', 'src', 'type'))
# ^ abstract requirement
Candidate = namedtuple('Candidate', ('fqcn', 'ver', 'src', 'type'))
# ^ concrete requirement
class AnsibleGalaxyProvider(AbstractProvider):
"""Delegate class providing requirement interface for the resolver.
"""
from ansible import errors
from ansible import utils, __version__ as _ansible_version
from ansible.plugins.connection import ConnectionBase
try:
from __main__ import display
except ImportError:
from ansible.utils.display import Display
display = Display()
vvv = display.vvv
# Previously we copied the upstream plugin to *this* directory and did `import ssh as ssh_connection_plugin`
import ansible.plugins.connection.ssh as ssh_connection_plugin
ansible_version = tuple(map(int, _ansible_version.split('.')[:2]))
assert ansible_version >= (2, 0), "We don't support Ansible 1.x anymore"
SSH_JAIL_SEP = '@'
class Connection(ConnectionBase):
"""Remote jail based connections"""
transport = 'ssh'
has_pipelining = ssh_connection_plugin.Connection.has_pipelining
def __init__(self, play_context, *args, **kwargs):
super(Connection, self).__init__(play_context, *args, **kwargs)
self._init_args = (args, kwargs)
def _check_for_new_args(self, doc):
if not self.base_branch or self._is_new_module():
return
with CaptureStd():
try:
existing_doc, _, _, _ = get_docstring(self.base_module, verbose=True)
existing_options = existing_doc.get('options', {})
except AssertionError:
fragment = doc['extends_documentation_fragment']
self.reporter.warning(
path=self.object_path,
code=392,
msg='Pre-existing DOCUMENTATION fragment missing: %s' % fragment
)
return
except Exception as e:
self.reporter.warning_trace(
path=self.object_path,
tracebk=e
)
self.reporter.warning(
path=self.object_path,
code=391,
msg=('Unknown pre-existing DOCUMENTATION '
'error, see TRACE. Submodule refs may '
'need updated')
)
return
try:
mod_version_added = StrictVersion(
str(existing_doc.get('version_added', '0.0'))
)
except ValueError:
mod_version_added = StrictVersion('0.0')
options = doc.get('options', {})
should_be = '.'.join(ansible_version.split('.')[:2])
strict_ansible_version = StrictVersion(should_be)
for option, details in options.items():
names = [option] + details.get('aliases', [])
if any(name in existing_options for name in names):
continue
try:
version_added = StrictVersion(
str(details.get('version_added', '0.0'))
)
except ValueError:
version_added = details.get('version_added', '0.0')
self.reporter.error(
path=self.object_path,
code=308,
msg=('version_added for new option (%s) '
'is not a valid version number: %r' %
(option, version_added))
)
continue
except:
# If there is any other exception it should have been caught
# in schema validation, so we won't duplicate errors by
# listing it again
continue
if (strict_ansible_version != mod_version_added and
(version_added < strict_ansible_version or
strict_ansible_version < version_added)):
self.reporter.error(
path=self.object_path,
code=309,
msg=('version_added for new option (%s) should '
'be %s. Currently %s' %
(option, should_be, version_added))
)
def __call__(self, argv, help):
inject_ansible_paths()
import ansible.playbook
import ansible.constants as C
from ansible import __version__
from ansible import errors
from ansible import callbacks
from ploy_ansible.inventory import Inventory
from ansible import utils
from ansible.color import ANSIBLE_COLOR, stringc
ansible_version = tuple(int(x) for x in __version__.split('.'))
parser = utils.base_parser(
constants=C,
connect_opts=True,
runas_opts=True,
subset_opts=True,
check_opts=True,
diff_opts=True,
usage='%s playbook playbook.yml' % self.ctrl.progname
)
parser.remove_option('-i')
parser.remove_option('-k')
parser.add_option(
'-e', '--extra-vars', dest="extra_vars", action="append",
help="set additional variables as key=value or YAML/JSON", default=[])
parser.add_option(
'-t', '--tags', dest='tags', default='all',
help="only run plays and tasks tagged with these values")
parser.add_option(
'--skip-tags', dest='skip_tags',
help="only run plays and tasks whose tags do not match these values")
parser.add_option(
'--syntax-check', dest='syntax', action='store_true',
help="perform a syntax check on the playbook, but do not execute it")
parser.add_option(
'--list-tasks', dest='listtasks', action='store_true',
help="list all tasks that would be executed")
parser.add_option(
'--step', dest='step', action='store_true',
help="one-step-at-a-time: confirm each task before running")
parser.add_option(
'--start-at-task', dest='start_at',
help="start the playbook at the task matching this name")
if ansible_version >= (1, 6):
parser.add_option(
'--force-handlers', dest='force_handlers', action='store_true',
help="run handlers even if a task fails")
options, args = parser.parse_args(argv)
cbs = callbacks.CliRunnerCallbacks()
cbs.options = options
if len(args) == 0:
parser.print_help(file=sys.stderr)
sys.exit(1)
# su and sudo command line arguments need to be mutually exclusive
if (hasattr(options, 'su')
and (options.su or options.su_user or options.ask_su_pass)
and (options.sudo or options.sudo_user or options.ask_sudo_pass)):
parser.error("Sudo arguments ('--sudo', '--sudo-user', and '--ask-sudo-pass') "
"and su arguments ('-su', '--su-user', and '--ask-su-pass') are "
"mutually exclusive")
if hasattr(options, 'ask_vault_pass') and (options.ask_vault_pass and options.vault_password_file):
parser.error("--ask-vault-pass and --vault-password-file are mutually exclusive")
def colorize(lead, num, color):
""" Print 'lead' = 'num' in 'color' """
if num != 0 and ANSIBLE_COLOR and color is not None:
return "%s%s%-15s" % (stringc(lead, color), stringc("=", color), stringc(str(num), color))
else:
return "%s=%-4s" % (lead, str(num))
def hostcolor(host, stats, color=True):
if ANSIBLE_COLOR and color:
if stats['failures'] != 0 or stats['unreachable'] != 0:
return "%-37s" % stringc(host, 'red')
elif stats['changed'] != 0:
return "%-37s" % stringc(host, 'yellow')
else:
return "%-37s" % stringc(host, 'green')
return "%-26s" % host
try:
patch_connect(self.ctrl)
inventory = Inventory(self.ctrl)
sudopass = None
su_pass = None
vault_pass = None
if not options.listhosts and not options.syntax and not options.listtasks:
kw = {}
options.ask_sudo_pass = options.ask_sudo_pass or C.DEFAULT_ASK_SUDO_PASS
kw['ask_sudo_pass'] = options.ask_sudo_pass
if hasattr(options, 'ask_su_pass'):
options.ask_su_pass = options.ask_su_pass or C.DEFAULT_ASK_SU_PASS
kw['ask_su_pass'] = options.ask_sudo_pass
if hasattr(options, 'ask_vault_pass'):
options.ask_vault_pass = options.ask_vault_pass or C.DEFAULT_ASK_VAULT_PASS
kw['ask_vault_pass'] = options.ask_vault_pass
passwds = utils.ask_passwords(**kw)
if len(passwds) == 2:
(sshpass, sudopass) = passwds
elif len(passwds) == 3:
(sshpass, sudopass, su_pass) = passwds
else:
(sshpass, sudopass, su_pass, vault_pass) = passwds
if options.sudo_user or options.ask_sudo_pass:
options.sudo = True
options.sudo_user = options.sudo_user or C.DEFAULT_SUDO_USER
if hasattr(options, 'su'):
if options.su_user or options.ask_su_pass:
options.su = True
options.su_user = options.su_user or C.DEFAULT_SU_USER
if getattr(options, 'vault_password_file', None):
this_path = os.path.expanduser(options.vault_password_file)
try:
f = open(this_path, "rb")
tmp_vault_pass = f.read().strip()
f.close()
except (OSError, IOError), e:
raise errors.AnsibleError("Could not read %s: %s" % (this_path, e))
if not options.ask_vault_pass:
vault_pass = tmp_vault_pass
extra_vars = {}
for extra_vars_opt in options.extra_vars:
if extra_vars_opt.startswith("@"):
# Argument is a YAML file (JSON is a subset of YAML)
kw = {}
if vault_pass:
kw['vault_password'] = vault_pass
extra_vars = utils.combine_vars(extra_vars, utils.parse_yaml_from_file(extra_vars_opt[1:]), **kw)
elif extra_vars_opt and extra_vars_opt[0] in '[{':
# Arguments as YAML
extra_vars = utils.combine_vars(extra_vars, utils.parse_yaml(extra_vars_opt))
else:
# Arguments as Key-value
extra_vars = utils.combine_vars(extra_vars, utils.parse_kv(extra_vars_opt))
only_tags = options.tags.split(",")
skip_tags = options.skip_tags
if options.skip_tags is not None:
skip_tags = options.skip_tags.split(",")
for playbook in args:
if not os.path.exists(playbook):
raise errors.AnsibleError("the playbook: %s could not be found" % playbook)
# run all playbooks specified on the command line
for playbook in args:
playbook = os.path.abspath(playbook)
# let inventory know which playbooks are using so it can know the basedirs
inventory.set_playbook_basedir(os.path.dirname(playbook))
stats = callbacks.AggregateStats()
playbook_cb = callbacks.PlaybookCallbacks(verbose=utils.VERBOSITY)
if options.step:
playbook_cb.step = options.step
if options.start_at:
playbook_cb.start_at = options.start_at
runner_cb = callbacks.PlaybookRunnerCallbacks(stats, verbose=utils.VERBOSITY)
kw = {}
if hasattr(options, 'su'):
kw['su'] = options.su
kw['su_user'] = options.su_user
if hasattr(options, 'su_pass'):
kw['su_pass'] = options.su_pass
if vault_pass:
kw['vault_password'] = vault_pass
if hasattr(options, 'force_handlers'):
kw['force_handlers'] = options.force_handlers
pb = ansible.playbook.PlayBook(
playbook=playbook,
module_path=options.module_path,
inventory=inventory,
forks=options.forks,
remote_user=options.remote_user,
callbacks=playbook_cb,
runner_callbacks=runner_cb,
stats=stats,
timeout=options.timeout,
transport=options.connection,
sudo=options.sudo,
sudo_user=options.sudo_user,
sudo_pass=sudopass,
extra_vars=extra_vars,
private_key_file=options.private_key_file,
only_tags=only_tags,
skip_tags=skip_tags,
check=options.check,
diff=options.diff,
**kw)
if options.listhosts or options.listtasks or options.syntax:
print ''
print 'playbook: %s' % playbook
print ''
playnum = 0
for (play_ds, play_basedir) in zip(pb.playbook, pb.play_basedirs):
playnum += 1
play = ansible.playbook.Play(pb, play_ds, play_basedir)
label = play.name
hosts = pb.inventory.list_hosts(play.hosts)
# Filter all tasks by given tags
if pb.only_tags != 'all':
if options.subset and not hosts:
continue
matched_tags, unmatched_tags = play.compare_tags(pb.only_tags)
# Remove skipped tasks
matched_tags = matched_tags - set(pb.skip_tags)
unmatched_tags.discard('all')
unknown_tags = ((set(pb.only_tags) | set(pb.skip_tags)) -
(matched_tags | unmatched_tags))
if unknown_tags:
continue
if options.listhosts:
print ' play #%d (%s): host count=%d' % (playnum, label, len(hosts))
for host in hosts:
print ' %s' % host
if options.listtasks:
print ' play #%d (%s):' % (playnum, label)
for task in play.tasks():
_only_tags = set(task.tags).intersection(pb.only_tags)
_skip_tags = set(task.tags).intersection(pb.skip_tags)
if (_only_tags and not _skip_tags):
if getattr(task, 'name', None) is not None:
# meta tasks have no names
print ' %s' % task.name
print ''
continue
if options.syntax:
# if we've not exited by now then we are fine.
print 'Playbook Syntax is fine'
sys.exit(0)
failed_hosts = []
unreachable_hosts = []
pb.run()
hosts = sorted(pb.stats.processed.keys())
callbacks.display(callbacks.banner("PLAY RECAP"))
playbook_cb.on_stats(pb.stats)
for h in hosts:
t = pb.stats.summarize(h)
if t['failures'] > 0:
failed_hosts.append(h)
if t['unreachable'] > 0:
unreachable_hosts.append(h)
retries = failed_hosts + unreachable_hosts
if len(retries) > 0:
filename = pb.generate_retry_inventory(retries)
if filename:
callbacks.display(" to retry, use: --limit @%s\n" % filename)
for h in hosts:
t = pb.stats.summarize(h)
callbacks.display("%s : %s %s %s %s" % (
hostcolor(h, t),
colorize('ok', t['ok'], 'green'),
colorize('changed', t['changed'], 'yellow'),
colorize('unreachable', t['unreachable'], 'red'),
colorize('failed', t['failures'], 'red')),
screen_only=True
)
callbacks.display("%s : %s %s %s %s" % (
hostcolor(h, t, False),
colorize('ok', t['ok'], None),
colorize('changed', t['changed'], None),
colorize('unreachable', t['unreachable'], None),
colorize('failed', t['failures'], None)),
log_only=True
)
print ""
if len(failed_hosts) > 0:
sys.exit(2)
if len(unreachable_hosts) > 0:
sys.exit(3)