From 71aefcc229f999f92b25e51b9444b313d95fbc86 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 18 May 2016 00:10:50 +0200 Subject: Add an ansible module 'fetch_cmd' to fetch the output of a remote command locally. And use this to fetch all X.509 leaf certificates. --- lib/action_plugins/fetch_cmd.py | 61 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 lib/action_plugins/fetch_cmd.py (limited to 'lib/action_plugins') diff --git a/lib/action_plugins/fetch_cmd.py b/lib/action_plugins/fetch_cmd.py new file mode 100644 index 0000000..99bdf2e --- /dev/null +++ b/lib/action_plugins/fetch_cmd.py @@ -0,0 +1,61 @@ +# Fetch the output of a remote command +# Copyright (c) 2016 Guilhem Moulin +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import subprocess, os +from ansible.plugins.action import ActionBase +from ansible.utils.path import makedirs_safe +from ansible.utils.hashing import checksum + +class ActionModule(ActionBase): + TRANSFERS_FILES = True + + def run(self, tmp=None, task_vars=None): + if task_vars is None: + task_vars = dict() + + if self._play_context.check_mode: + return dict(skipped=True, msg='check mode not supported for this module') + + result = super(ActionModule, self).run(tmp, task_vars) + + cmd = self._task.args.get('cmd', None) + stdin = self._task.args.get('stdin', None) + dest = self._task.args.get('dest', None) + + if cmd is None or dest is None: + return dict(failed=True, msg="cmd and dest are required") + + if stdin is not None: + stdin = self._connection._shell.join_path(stdin) + stdin = self._remote_expand_user(stdin) + + stdout = self._connection._shell.join_path(self._make_tmp_path(), 'stdout') + result.update(self._execute_module(module_args=dict(cmd=cmd, stdin=stdin, dest=stdout), task_vars=task_vars)) + + # calculate checksum for the local file + local_checksum = checksum(dest) + + # calculate checksum for the remote file, don't bother if using become as slurp will be used + remote_checksum = self._remote_checksum(stdout, all_vars=task_vars) + + if remote_checksum != local_checksum: + makedirs_safe(os.path.dirname(dest)) + self._connection.fetch_file(stdout, dest) + if checksum(dest) == remote_checksum: + result.update(dict(changed=True)) + else: + result.update(dict(failed=True)) + return result -- cgit v1.2.3