Pipe it to connections (#73688) (#73914)

* pipelining tweaks
  added 'defaults'  entry for ini pipelining from ssh plugin

(cherry picked from commit 96905120698e3118d8bafaee5ebe8f83d2bbd607)

7 files changed, 49 insertions, 17 deletions

diff --git a/changelogs/fragments/pipelinig_to_plugins.yml b/changelogs/fragments/pipelinig_to_plugins.yml
new file mode 100644
index 0000000000..1794caaecb
--- /dev/null
+++ b/changelogs/fragments/pipelinig_to_plugins.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - Restructured pipelining settings to be at the connection plugins leaving base config as global and for backwards compatiblity.
diff --git a/lib/ansible/config/base.yml b/lib/ansible/config/base.yml
index 0a3d7b1e59..2bdc4a411f 100644
--- a/lib/ansible/config/base.yml
+++ b/lib/ansible/config/base.yml
@@ -91,16 +91,15 @@ ANSIBLE_PIPELINING:
     - "However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first
       disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default."
     - This option is disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled.
+    - This is a global option, each connection plugin can override either by having more specific options or not supporting pipelining at all.
   env:
     - name: ANSIBLE_PIPELINING
-    - name: ANSIBLE_SSH_PIPELINING
   ini:
-  - section: connection
+  - section: defaults
     key: pipelining
-  - section: ssh_connection
+  - section: connection
     key: pipelining
   type: boolean
-  yaml: {key: plugins.connection.pipelining}
 ANSIBLE_SSH_ARGS:
   # TODO: move to ssh plugin
   default: -C -o ControlMaster=auto -o ControlPersist=60s
diff --git a/lib/ansible/plugins/connection/local.py b/lib/ansible/plugins/connection/local.py
index 85cb72b01c..abdd6932ac 100644
--- a/lib/ansible/plugins/connection/local.py
+++ b/lib/ansible/plugins/connection/local.py
@@ -12,6 +12,8 @@ DOCUMENTATION = '''
         - This connection plugin allows ansible to execute tasks on the Ansible 'controller' instead of on a remote host.
     author: ansible (@core)
     version_added: historical
+    extends_documentation_fragment:
+        - connection_pipelining
     notes:
         - The remote user is ignored, the user with which the ansible CLI was executed is used instead.
 '''
@@ -82,7 +84,7 @@ class Connection(ConnectionBase):
 
         master = None
         stdin = subprocess.PIPE
-        if sudoable and self.become and self.become.expect_prompt():
+        if sudoable and self.become and self.become.expect_prompt() and not self.get_option('pipelining'):
             # Create a pty if sudoable for privlege escalation that needs it.
             # Falls back to using a standard pipe if this fails, which may
             # cause the command to fail in certain situations where we are escalating
@@ -102,7 +104,7 @@ class Connection(ConnectionBase):
             stderr=subprocess.PIPE,
         )
 
-        # if we created a master, we can close the other half of the pty now
+        # if we created a master, we can close the other half of the pty now, otherwise master is stdin
         if master is not None:
             os.close(stdin)
 
@@ -138,7 +140,10 @@ class Connection(ConnectionBase):
 
             if not self.become.check_success(become_output):
                 become_pass = self.become.get_option('become_pass', playcontext=self._play_context)
-                os.write(master, to_bytes(become_pass, errors='surrogate_or_strict') + b'\n')
+                if master is None:
+                    p.stdin.write(to_bytes(become_pass, errors='surrogate_or_strict') + b'\n')
+                else:
+                    os.write(master, to_bytes(become_pass, errors='surrogate_or_strict') + b'\n')
 
             fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK)
             fcntl.fcntl(p.stderr, fcntl.F_SETFL, fcntl.fcntl(p.stderr, fcntl.F_GETFL) & ~os.O_NONBLOCK)
diff --git a/lib/ansible/plugins/connection/psrp.py b/lib/ansible/plugins/connection/psrp.py
index 89b76e239e..371aa4836b 100644
--- a/lib/ansible/plugins/connection/psrp.py
+++ b/lib/ansible/plugins/connection/psrp.py
@@ -15,6 +15,8 @@ description:
 version_added: "2.7"
 requirements:
 - pypsrp (Python library)
+extends_documentation_fragment:
+    - connection_pipelining
 options:
   # transport options
   remote_addr:
diff --git a/lib/ansible/plugins/connection/ssh.py b/lib/ansible/plugins/connection/ssh.py
index ed44a035fe..4f0ffc8abe 100644
--- a/lib/ansible/plugins/connection/ssh.py
+++ b/lib/ansible/plugins/connection/ssh.py
@@ -16,6 +16,8 @@ DOCUMENTATION = '''
           a password manually to decrypt an ssh key when using this connection plugin (which is the default). The
           use of ``ssh-agent`` is highly recommended.
     author: ansible (@core)
+    extends_documentation_fragment:
+        - connection_pipelining
     version_added: historical
     options:
       host:
@@ -190,23 +192,14 @@ DOCUMENTATION = '''
             - name: ansible_user
             - name: ansible_ssh_user
       pipelining:
-          default: ANSIBLE_PIPELINING
-          description:
-            - Pipelining reduces the number of SSH operations required to execute a module on the remote server,
-              by executing many Ansible modules without actual file transfer.
-            - This can result in a very significant performance improvement when enabled.
-            - However this conflicts with privilege escalation (become).
-              For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts,
-              which is why this feature is disabled by default.
           env:
             - name: ANSIBLE_PIPELINING
             - name: ANSIBLE_SSH_PIPELINING
           ini:
-            - section: defaults
+            - section: connection
               key: pipelining
             - section: ssh_connection
               key: pipelining
-          type: boolean
           vars:
             - name: ansible_pipelining
             - name: ansible_ssh_pipelining
diff --git a/lib/ansible/plugins/connection/winrm.py b/lib/ansible/plugins/connection/winrm.py
index cd4645746b..c7c5530ecf 100644
--- a/lib/ansible/plugins/connection/winrm.py
+++ b/lib/ansible/plugins/connection/winrm.py
@@ -14,6 +14,8 @@ DOCUMENTATION = """
         - This plugin allows extra arguments to be passed that are supported by the protocol but not explicitly defined here.
           They should take the form of variables declared with the following pattern `ansible_winrm_<option>`.
     version_added: "2.0"
+    extends_documentation_fragment:
+        - connection_pipelining
     requirements:
         - pywinrm (python library)
     options:
diff --git a/lib/ansible/plugins/doc_fragments/connection_pipelining.py b/lib/ansible/plugins/doc_fragments/connection_pipelining.py
new file mode 100644
index 0000000000..c103144740
--- /dev/null
+++ b/lib/ansible/plugins/doc_fragments/connection_pipelining.py
@@ -0,0 +1,29 @@
+# Copyright (c) 2021 Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+
+class ModuleDocFragment(object):
+
+    # common shelldocumentation fragment
+    DOCUMENTATION = """
+options:
+    pipelining:
+          default: ANSIBLE_PIPELINING
+          description:
+            - Pipelining reduces the number of connection operations required to execute a module on the remote server,
+              by executing many Ansible modules without actual file transfers.
+            - This can result in a very significant performance improvement when enabled.
+            - However this can conflict with privilege escalation (become).
+              For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts,
+              which is why this feature is disabled by default.
+          env:
+            - name: ANSIBLE_PIPELINING
+          ini:
+            - section: defaults
+              key: pipelining
+          type: boolean
+          vars:
+            - name: ansible_pipelining
+"""