diff options
author | Brian Coca <bcoca@users.noreply.github.com> | 2017-08-11 15:21:12 -0400 |
---|---|---|
committer | Brian Coca <brian.coca+git@gmail.com> | 2017-09-29 10:52:46 -0400 |
commit | a9e8f383425fb4fa47035a67749689cd45ae5468 (patch) | |
tree | 19cb951dfaa0f38e05a5bf6b6fc7ddf3bd7db620 | |
parent | fd37f27d2bcead8313b52f770469a49d777766f1 (diff) | |
download | ansible-a9e8f383425fb4fa47035a67749689cd45ae5468.tar.gz |
validate include_role args (#28077)
* validate include_role args
* removed unused static
(cherry picked from commit d89dd75769cc83e424f4c862611e43addf0ffec8)
-rw-r--r-- | CHANGELOG.md | 1 | ||||
-rw-r--r-- | lib/ansible/playbook/role_include.py | 28 |
2 files changed, 19 insertions, 10 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b4c7059431..c1cbb913fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -53,6 +53,7 @@ Ansible Changes By Release * Fix the issue SSL verification can not be disabled for Tower modules * Use safe_load instead on load to read a yaml document * Fix for win_file to respect check mode when deleting directories +* Include_role now complains about invalid arguments <a id="2.3.2"></a> diff --git a/lib/ansible/playbook/role_include.py b/lib/ansible/playbook/role_include.py index fbcc313278..454f445435 100644 --- a/lib/ansible/playbook/role_include.py +++ b/lib/ansible/playbook/role_include.py @@ -43,13 +43,17 @@ class IncludeRole(Task): circumstances related to the `- include_role: ...` """ + BASE = frozenset(['name', 'role']) # directly assigned + FROM_ARGS = frozenset(['tasks_from', 'vars_from', 'defaults_from']) # used to populate from dict in role + OTHER_ARGS = frozenset(['private', 'allow_duplicates']) # assigned to matching property + VALID_ARGS = frozenset(BASE.union(FROM_ARGS.union(OTHER_ARGS))) # all valid args + # ================================================================================= # ATTRIBUTES # private as this is a 'module options' vs a task property _allow_duplicates = FieldAttribute(isa='bool', default=True, private=True) _private = FieldAttribute(isa='bool', default=None, private=True) - _static = FieldAttribute(isa='bool', default=None) def __init__(self, block=None, role=None, task_include=None): @@ -98,23 +102,27 @@ class IncludeRole(Task): ir = IncludeRole(block, role, task_include=task_include).load_data(data, variable_manager=variable_manager, loader=loader) - ### Process options + # Validate options + my_arg_names = frozenset(ir.args.keys()) + # name is needed, or use role as alias ir._role_name = ir.args.get('name', ir.args.get('role')) if ir._role_name is None: raise AnsibleParserError("'name' is a required field for include_role.") + # validate bad args, otherwise we silently ignore + bad_opts = my_arg_names.difference(IncludeRole.VALID_ARGS) + if bad_opts: + raise AnsibleParserError('Invalid options for include_role: %s' % ','.join(list(bad_opts))) + # build options for role includes - for key in ['tasks', 'vars', 'defaults']: - from_key ='%s_from' % key - if ir.args.get(from_key): - ir._from_files[key] = basename(ir.args.get(from_key)) + for key in IncludeRole.FROM_ARGS.intersection(my_arg_names): + from_key = key.replace('_from', '') + ir._from_files[from_key] = basename(ir.args.get(key)) - #FIXME: find a way to make this list come from object ( attributes does not work as per below) # manual list as otherwise the options would set other task parameters we don't want. - for option in ['private', 'allow_duplicates']: - if option in ir.args: - setattr(ir, option, ir.args.get(option)) + for option in IncludeRole.OTHER_ARGS.intersection(my_arg_names): + setattr(ir, option, ir.args.get(option)) return ir |