Merge pull request #1181 from moreati/issue1083-private_key_file

ansible_mitogen: Templated SSH private key file
mitogen-hq · Nov 6, 2024 · 9189c01 · 9189c01
2 parents 5895cca + c7df5c9
commit 9189c01
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 2 deletions.
diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py
@@ -508,7 +508,7 @@ def candidates():
         return boolean(val)
 
     def private_key_file(self):
-        return self._play_context.private_key_file
+        return self._connection_option('private_key_file')
 
     def ssh_executable(self):
         return self._connection_option('ssh_executable')

diff --git a/docs/changelog.rst b/docs/changelog.rst
@@ -23,6 +23,8 @@ In progress (unreleased)
 
 * :gh:issue:`1182` CI: Fix incorrect world readable/writable file permissions
   on SSH key ``mitogen__has_sudo_pubkey.key`` during Ansible tests.
+* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated SSH private key file
+  (e.g. ``ansible_private_key_file``).
 
 
 v0.3.16 (2024-11-05)

diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts
@@ -45,6 +45,7 @@ ansible_user="{{ lookup('pipe', 'whoami') }}"
 [tt_targets_inventory]
 tt-password                 ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw
 tt-port                     ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw
+tt-private-key-file         ansible_private_key_file="{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey
 tt-remote-user              ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}"
 tt-ssh-executable           ansible_password=has_sudo_nopw_password ansible_ssh_executable="{{ 'ssh' | trim }}" ansible_user=mitogen__has_sudo_nopw
 

diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml
@@ -9,5 +9,24 @@
 
   tasks:
     - meta: reset_connection
-    - name: Templated variables in play
+    - name: Templated variables in play, password authentication
+      ping:
+
+- name: integration/ssh/templated_by_play_taskvar.yml
+  hosts: tt_targets_bare
+  gather_facts: false
+  vars:
+    ansible_private_key_file: "{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key"
+    ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}"
+    ansible_ssh_executable: "{{ 'ssh' | trim }}"
+    ansible_user: "{{ 'mitogen__has_sudo_pubkey' | trim }}"
+
+  tasks:
+    - meta: end_play
+      when:
+        # https://github.com/ansible/ansible/issues/84238
+        - not is_mitogen
+        - ansible_version.full is version('2.19', '<', strict=True)
+    - meta: reset_connection
+    - name: Templated variables in play, key authentication
       ping:
diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2
@@ -73,6 +73,7 @@ ansible_user=mitogen__has_sudo_nopw
 [tt_targets_inventory]
 tt-password                 ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}"  ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw
 tt-port                     ansible_password=has_sudo_nopw_password  ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}"  ansible_user=mitogen__has_sudo_nopw
+tt-private-key-file         ansible_port={{ tt.port }} ansible_private_key_file="{{ '{{' }} git_basedir {{ '}}' }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey
 tt-remote-user              ansible_password=has_sudo_nopw_password  ansible_port={{ tt.port }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}"
 tt-ssh-executable           ansible_password=has_sudo_nopw_password  ansible_port={{ tt.port }} ansible_ssh_executable="{{ '{{' }} 'ssh' | trim {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw