From 96e20a09d621d4e5c91810625abfef172912bca4 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 21 Apr 2022 20:25:06 +0100 Subject: [PATCH] ansible_mitogen: Add podman connection plugin --- ansible_mitogen/connection.py | 16 +++++++ .../plugins/connection/mitogen_podman.py | 44 +++++++++++++++++++ ansible_mitogen/strategy.py | 1 + ansible_mitogen/transport_config.py | 12 +++++ docs/ansible_detailed.rst | 20 +++++++-- docs/changelog.rst | 1 + 6 files changed, 91 insertions(+), 3 deletions(-) create mode 100644 ansible_mitogen/plugins/connection/mitogen_podman.py diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py index ccaba7dc..a4ceba4b 100644 --- a/ansible_mitogen/connection.py +++ b/ansible_mitogen/connection.py @@ -262,6 +262,21 @@ def _connect_machinectl(spec): return _connect_setns(spec, kind='machinectl') +def _connect_podman(spec): + """ + Return ContextService arguments for a Docker connection. + """ + return { + 'method': 'podman', + 'kwargs': { + 'username': spec.remote_user(), + 'container': spec.remote_addr(), + 'python_path': spec.python_path(rediscover_python=True), + 'connect_timeout': spec.ansible_ssh_timeout() or spec.timeout(), + 'remote_name': get_remote_name(spec), + } + } + def _connect_setns(spec, kind=None): """ Return ContextService arguments for a mitogen_setns connection. @@ -400,6 +415,7 @@ CONNECTION_METHOD = { 'lxc': _connect_lxc, 'lxd': _connect_lxd, 'machinectl': _connect_machinectl, + 'podman': _connect_podman, 'setns': _connect_setns, 'ssh': _connect_ssh, 'smart': _connect_ssh, # issue #548. diff --git a/ansible_mitogen/plugins/connection/mitogen_podman.py b/ansible_mitogen/plugins/connection/mitogen_podman.py new file mode 100644 index 00000000..96e94ed2 --- /dev/null +++ b/ansible_mitogen/plugins/connection/mitogen_podman.py @@ -0,0 +1,44 @@ +# Copyright 2022, Mitogen contributers +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# 3. Neither the name of the copyright holder nor the names of its contributors +# may be used to endorse or promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +from __future__ import absolute_import +import os.path +import sys + +try: + import ansible_mitogen +except ImportError: + base_dir = os.path.dirname(__file__) + sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..'))) + del base_dir + +import ansible_mitogen.connection + + +class Connection(ansible_mitogen.connection.Connection): + transport = 'podman' diff --git a/ansible_mitogen/strategy.py b/ansible_mitogen/strategy.py index 792cfada..e0b326e5 100644 --- a/ansible_mitogen/strategy.py +++ b/ansible_mitogen/strategy.py @@ -107,6 +107,7 @@ REDIRECTED_CONNECTION_PLUGINS = ( 'lxc', 'lxd', 'machinectl', + 'podman', 'setns', 'ssh', ) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 4babbde3..ffae2bb8 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -354,6 +354,12 @@ class Spec(with_metaclass(abc.ABCMeta, object)): The path to the "machinectl" program for the 'setns' transport. """ + @abc.abstractmethod + def mitogen_podman_path(self): + """ + The path to the "podman" program for the 'podman' transport. + """ + @abc.abstractmethod def mitogen_ssh_keepalive_interval(self): """ @@ -527,6 +533,9 @@ class PlayContextSpec(Spec): def mitogen_lxc_info_path(self): return self._connection.get_task_var('mitogen_lxc_info_path') + def mitogen_podman_path(self): + return self._connection.get_task_var('mitogen_podman_path') + def mitogen_ssh_keepalive_interval(self): return self._connection.get_task_var('mitogen_ssh_keepalive_interval') @@ -747,6 +756,9 @@ class MitogenViaSpec(Spec): def mitogen_lxc_info_path(self): return self._host_vars.get('mitogen_lxc_info_path') + def mitogen_podman_path(self): + return self._host_vars.get('mitogen_podman_path') + def mitogen_ssh_keepalive_interval(self): return self._host_vars.get('mitogen_ssh_keepalive_interval') diff --git a/docs/ansible_detailed.rst b/docs/ansible_detailed.rst index 382c45d6..d3298074 100644 --- a/docs/ansible_detailed.rst +++ b/docs/ansible_detailed.rst @@ -188,9 +188,9 @@ Noteworthy Differences your_ssh_username = (ALL) NOPASSWD:/usr/bin/python -c* * The :ans:conn:`~buildah`, :ans:conn:`~docker`, :ans:conn:`~jail`, - :ans:conn:`~kubectl`, :ans:conn:`~local`, :ans:conn:`~lxd`, and - :ans:conn:`~ssh` built-in connection types are supported, along with - Mitogen-specific :ref:`machinectl `, :ref:`mitogen_doas `, + :ans:conn:`~kubectl`, :ans:conn:`~local`, :ans:conn:`~lxd`, + :ans:conn:`~podman`, & :ans:conn:`~ssh` connection types are supported; also + Mitogen-specific :ref:`mitogen_doas `, :ref:`machinectl `, :ref:`mitogen_su `, :ref:`mitogen_sudo `, and :ref:`setns ` types. File bugs to register interest in others. @@ -819,6 +819,20 @@ Like the :ans:conn:`local` except connection delegation is supported. * ``ansible_python_interpreter`` +Podman +~~~~~~ + +Like :ans:conn:`podman` except connection delegation is supported. + +* ``ansible_host``: Name of container (default: inventory hostname). +* ``ansible_user``: Name of user within the container to execute as. +* ``mitogen_mask_remote_name``: if :data:`True`, mask the identity of the + Ansible controller process on remote machines. To simplify diagnostics, + Mitogen produces remote processes named like + `"mitogen:user@controller.name:1234"`, however this may be a privacy issue in + some circumstances. + + Process Model ^^^^^^^^^^^^^ diff --git a/docs/changelog.rst b/docs/changelog.rst index 138da197..8feb985b 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,7 @@ v0.3.3.dev0 * :gh:issue:`906` Support packages dynamically inserted into sys.modules, e.g. `distro` >= 1.7.0 as `ansible.module_utils.distro`. * :gh:issue:`918` Support Python 3.10 +* :gh:issue:`920` Support Ansible :ans:conn:`~podman` connection plugin v0.3.2 (2022-01-12)