-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The tilde expansion doesn't work with templates #8949
Comments
Ok, so what is happening is the template module/plugin is failing to expand the tilde when it connects to the remote to md5 the file, and therefore (in both the normal and playbook: - name: copy authorized key template to host
template: >
src=authorized_keys.j2
dest=~{{key_user}}/.ssh/authorized_keys action_plugins/template.py: local_md5 = utils.md5s(resultant)
remote_md5 = self.runner._remote_md5(conn, tmp, dest) # returns '1', file not found
if local_md5 != remote_md5:
....
if self.runner.noop_on_check(inject):
return ReturnData(conn=conn, comm_ok=True, result=dict(changed=True), diff=dict(before_header=dest, after_header=source, before=dest_contents, after=resultant))
else:
res = self.runner._execute_module(conn, tmp, 'copy', module_args_tmp, inject=inject, complex_args=complex_args) As best I can tell, the path isn't being expanded because the path string is being escaped prior to forming the command to md5 the file here: shell_plugins/sh.py: def md5(self, path):
path = pipes.quote(path) # this quotes the path string, preventing the tilde from being expanded If I comment out the line that quotes the path, then everything works fine. Ideally we'd use something like Is it safe to just not quote the path? I'm sure it's there for security reasons. Do we need to implement something more fancy to either determine the expanded path ahead of time or approach the md5 process differently altogether? |
FYI we are currently working around this by using the - user: user={{key_user}}
register: user_info
- template: >
src=authorized_keys.j2
dest={{user_info.home}}/.ssh/authorized_keys |
Hi! Thanks very much for your interest in Ansible. It sincerely means a lot to us. On September 26, 2014, due to enormous levels of contribution to the project Ansible decided to reorganize module repos, making it easier We split modules from the main project off into two repos, http://github.com/ansible/ansible-modules-core and http://github.com/ansible/ansible-modules-extras If you would still like this ticket attended to, we will need your help in having it reopened in one of the two new repos, and instructions are provided below. We apologize that we are not able to make this transition happen seamlessly, though this is a one-time change and your help is greatly appreciated -- Both sets of modules will ship with Ansible, though they'll receive slightly different ticket handling. To locate where a module lives between 'core' and 'extras'
Additionally, should you need more help with this, you can ask questions on:
Thank you very much! |
Issue Type:
Bug Report
Ansible Version:
1.6.3 and 1.7.1
Environment:
Ubuntu 14.04
Summary:
When inside a template, the tilde expansion doesn't seem to work correctly.
Steps To Reproduce:
Here's the contents of the playbook:
romain:~/workspace/it_ansible_check_issue $ cat copy.yml --- - name: copy template to servers hosts: all roles: - copy
Here's what happens when running the playbook without
--check
:Here's what happens when running the playbook with
--check
:Expected Results:
Running the playbook with or without the
--check
option shows the same number of changes.Actual Results:
Running the playbook with
--check
option shows changes that don't happen when the playbook is run without it.The text was updated successfully, but these errors were encountered: