diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2016-05-18 00:10:50 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2016-05-18 00:47:05 +0200 |
commit | 71aefcc229f999f92b25e51b9444b313d95fbc86 (patch) | |
tree | 0cfda622ac987e35543361dcc478dfe6b5b3fa08 /lib | |
parent | f4c280d1c6f43f7ca0c1e498ab87fe7aa08d5eb2 (diff) |
Add an ansible module 'fetch_cmd' to fetch the output of a remote command locally.
And use this to fetch all X.509 leaf certificates.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/action_plugins/fetch_cmd.py | 61 | ||||
-rw-r--r-- | lib/modules/fetch_cmd.py | 56 |
2 files changed, 117 insertions, 0 deletions
diff --git a/lib/action_plugins/fetch_cmd.py b/lib/action_plugins/fetch_cmd.py new file mode 100644 index 0000000..99bdf2e --- /dev/null +++ b/lib/action_plugins/fetch_cmd.py @@ -0,0 +1,61 @@ +# Fetch the output of a remote command +# Copyright (c) 2016 Guilhem Moulin <guilhem@fripost.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import subprocess, os +from ansible.plugins.action import ActionBase +from ansible.utils.path import makedirs_safe +from ansible.utils.hashing import checksum + +class ActionModule(ActionBase): + TRANSFERS_FILES = True + + def run(self, tmp=None, task_vars=None): + if task_vars is None: + task_vars = dict() + + if self._play_context.check_mode: + return dict(skipped=True, msg='check mode not supported for this module') + + result = super(ActionModule, self).run(tmp, task_vars) + + cmd = self._task.args.get('cmd', None) + stdin = self._task.args.get('stdin', None) + dest = self._task.args.get('dest', None) + + if cmd is None or dest is None: + return dict(failed=True, msg="cmd and dest are required") + + if stdin is not None: + stdin = self._connection._shell.join_path(stdin) + stdin = self._remote_expand_user(stdin) + + stdout = self._connection._shell.join_path(self._make_tmp_path(), 'stdout') + result.update(self._execute_module(module_args=dict(cmd=cmd, stdin=stdin, dest=stdout), task_vars=task_vars)) + + # calculate checksum for the local file + local_checksum = checksum(dest) + + # calculate checksum for the remote file, don't bother if using become as slurp will be used + remote_checksum = self._remote_checksum(stdout, all_vars=task_vars) + + if remote_checksum != local_checksum: + makedirs_safe(os.path.dirname(dest)) + self._connection.fetch_file(stdout, dest) + if checksum(dest) == remote_checksum: + result.update(dict(changed=True)) + else: + result.update(dict(failed=True)) + return result diff --git a/lib/modules/fetch_cmd.py b/lib/modules/fetch_cmd.py new file mode 100644 index 0000000..ac8757f --- /dev/null +++ b/lib/modules/fetch_cmd.py @@ -0,0 +1,56 @@ +#!/usr/bin/python + +# Fetch the output of a remote command +# Copyright (c) 2016 Guilhem Moulin <guilhem@fripost.org> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + + +# import module snippets +from ansible.module_utils.basic import * + +def main(): + module = AnsibleModule( + argument_spec = dict( + cmd = dict( default=None ), + stdin = dict( default=None ), + dest = dict( default=None ), + ), + supports_check_mode=False + ) + + params = module.params + cmd = params['cmd'] + stdin = params['stdin'] + dest = params['dest'] + + if cmd is None or dest is None: + return dict(failed=True, msg="cmd and dest are required") + + changed = False + try: + if stdin is not None: + stdin = open(stdin, 'r') + + with open(dest, 'w') as stdout: + subprocess.check_call(cmd.split(), stdin=stdin, stdout=stdout) + if stdin is not None: + stdin.close() + + except KeyError, e: + module.fail_json(msg=str(e)) + + module.exit_json(changed=changed) + +main() |