ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-04-18 09:51:41 +00:00
Code Activity

Merge 6bb5bf8dc7 into b4336659f6

Browse source
This commit is contained in:
Eero Aaltonen 2026-03-21 12:29:27 -04:00 committed by GitHub
commit c8bb7f1914
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 194 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

89
plugins/action/pgp_keyring.py Normal file
View file

@ -0,0 +1,89 @@
# Copyright: (c) 20252026, Eero Aaltonen
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import annotations
import tempfile
from ansible.errors import AnsibleActionFail, AnsibleError
from ansible.module_utils.common.text.converters import to_text
from ansible.plugins.action import ActionBase
try:
import pgpy
except ImportError as imp_exc:
PGPY_IMPORT_ERROR = imp_exc
else:
PGPY_IMPORT_ERROR = None
class ActionModule(ActionBase):
TRANSFERS_FILES = True
def run(self, tmp=None, task_vars=None):
""" Install PGP keyrings in binary format """
if PGPY_IMPORT_ERROR:
raise AnsibleError('PGPym~=0.6.1 must be installed to use pgp_keyring plugin') from PGPY_IMPORT_ERROR
if task_vars is None:
task_vars = dict()
validation_result, new_module_args = self.validate_argument_spec(
argument_spec=dict(
src=dict(type='str', required=True),
dest=dict(type='str', required=True),
follow=dict(type='bool', default=False)
)
)
super(ActionModule, self).run(tmp, task_vars)
del tmp # tmp no longer has any effect
# assign to local vars for ease of use
source = new_module_args['src']
dest = new_module_args['dest']
follow = new_module_args['follow']
try:
try:
# find in expected paths
source = self._find_needle('files', source)
except AnsibleError as e:
raise AnsibleActionFail(to_text(e))
try:
key, po = pgpy.PGPKey.from_file(source)
except FileNotFoundError as e:
raise AnsibleActionFail("could not find src=%s, %s" % (source, to_text(e)))
except Exception as e:
raise AnsibleActionFail("%s: %s" % (type(e).__name__, to_text(e)))
new_task = self._task.copy()
with tempfile.NamedTemporaryFile('wb', delete=True) as f:
f.write(bytes(key))
f.flush()
new_task.args.update(
dict(
src=f.file.name,
dest=dest,
follow=follow,
),
)
# call with ansible.legacy prefix to eliminate collisions with collections while still allowing local override
copy_action = self._shared_loader_obj.action_loader.get(
'ansible.legacy.copy',
task=new_task,
connection=self._connection,
play_context=self._play_context,
loader=self._loader,
templar=self._templar,
shared_loader_obj=self._shared_loader_obj)
return copy_action.run(task_vars=task_vars)
finally:
self._remove_tmp_path(self._connection._shell.tmpdir)

36
plugins/modules/pgp_keyring.py Normal file
View file

@ -0,0 +1,36 @@
# Copyright: (c) 20252026, Eero Aaltonen
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import annotations
DOCUMENTATION = r"""
---
module: pgp_keyring
short_description: Install PGP keyrings in binary format
description: Converts PGP keyrings to binary format on the ansible controller,
and installs them to the target systems.
version_added: 12.4.0
author: "Eero Aaltonen (@eaaltonen)"
options:
src:
description: Source key file (typically ASCII armored)
required: true
type: str
dest:
description: Destination key file. Can be relative, in which case the target system default is used
required: true
type: str
follow:
description: This flag indicates that filesystem links in the destination, if they exist, should be followed.
type: bool
default: false
"""
EXAMPLES = r"""
- name: Install Microsoft Package signing key
community.general.pgp_keyring:
src: microsoft.asc
dest: microsoft.gpg
become: true
"""