diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 31af23651..276037d0b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -6,7 +6,7 @@ repos: - id: update-docs - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v5.0.0 + rev: v6.0.0 hooks: - id: check-merge-conflict - id: debug-statements @@ -15,7 +15,7 @@ repos: - id: trailing-whitespace - repo: https://github.com/pycontribs/mirrors-prettier - rev: "v3.3.3" + rev: "v3.6.2" hooks: - id: prettier additional_dependencies: @@ -23,17 +23,17 @@ repos: - prettier-plugin-toml - repo: https://github.com/PyCQA/isort - rev: 5.13.2 + rev: 6.0.1 hooks: - id: isort args: ["--filter-files"] - repo: https://github.com/psf/black - rev: 24.10.0 + rev: 25.1.0 hooks: - id: black - repo: https://github.com/pycqa/flake8 - rev: 7.1.1 + rev: 7.3.0 hooks: - id: flake8 diff --git a/changelogs/fragments/fix_721_private_key.yml b/changelogs/fragments/fix_721_private_key.yml new file mode 100644 index 000000000..de7033229 --- /dev/null +++ b/changelogs/fragments/fix_721_private_key.yml @@ -0,0 +1,3 @@ +bugfixes: + - "Added support for private key passphrase in libssh connection plugin, when using encrypted private keys specified by the C(ansible_private_key_file) attribute." + - "Set libssh logging level to DEBUG when Ansible verbosity is greater than 3, to aid in troubleshooting connection issues." diff --git a/docs/ansible.netcommon.libssh_connection.rst b/docs/ansible.netcommon.libssh_connection.rst index 478f9e3e2..ac21d4dc1 100644 --- a/docs/ansible.netcommon.libssh_connection.rst +++ b/docs/ansible.netcommon.libssh_connection.rst @@ -196,6 +196,26 @@ Parameters
Requires ansible-pylibssh version >= 1.0.0
+ + +
+ private_key_passphrase + +
+ string +
+ + + + +
var: ansible_private_key_password
+
var: ansible_private_key_passphrase
+ + +
Passphrase used to unlock the private key specified by the ansible_private_key_file attribute.
+
This is required if the private key is encrypted with a passphrase.
+ +
diff --git a/plugins/connection/libssh.py b/plugins/connection/libssh.py index fd1e71dd8..725609310 100644 --- a/plugins/connection/libssh.py +++ b/plugins/connection/libssh.py @@ -65,6 +65,14 @@ vars: - name: ansible_libssh_password_prompt version_added: 3.1.0 + private_key_passphrase: + description: + - Passphrase used to unlock the private key specified by the C(ansible_private_key_file) attribute. + - This is required if the private key is encrypted with a passphrase. + type: string + vars: + - name: ansible_private_key_password + - name: ansible_private_key_passphrase host_key_auto_add: description: 'TODO: write it' env: [{name: ANSIBLE_LIBSSH_HOST_KEY_AUTO_ADD}] @@ -389,7 +397,7 @@ def _connect_uncached(self): self.ssh = Session() if display.verbosity > 3: - self.ssh.set_log_level(logging.INFO) + self.ssh.set_log_level(logging.DEBUG) self.keyfile = os.path.expanduser("~/.ssh/known_hosts") @@ -432,6 +440,7 @@ def _connect_uncached(self): password=self.get_option("password"), password_prompt=self.get_option("password_prompt"), private_key=private_key, + private_key_password=self.get_option("private_key_passphrase"), timeout=self._play_context.timeout, port=port, **ssh_connect_kwargs, diff --git a/plugins/module_utils/cli_parser/cli_parsertemplate.py b/plugins/module_utils/cli_parser/cli_parsertemplate.py index 004b9e657..c44332759 100644 --- a/plugins/module_utils/cli_parser/cli_parsertemplate.py +++ b/plugins/module_utils/cli_parser/cli_parsertemplate.py @@ -9,7 +9,7 @@ # Simplified BSD License (see LICENSES/BSD-2-Clause.txt or https://opensource.org/licenses/BSD-2-Clause) # SPDX-License-Identifier: BSD-2-Clause -""" A shim class for the NetworkTemplate +"""A shim class for the NetworkTemplate this was done in case there is a need to modify the resource module parser class or extend it a split it from the cli parsers. diff --git a/plugins/sub_plugins/cli_parser/pyats_parser.py b/plugins/sub_plugins/cli_parser/pyats_parser.py index 4b91c3d46..bca7db8e5 100644 --- a/plugins/sub_plugins/cli_parser/pyats_parser.py +++ b/plugins/sub_plugins/cli_parser/pyats_parser.py @@ -137,5 +137,5 @@ def parse(self, *_args, **_kwargs): parsed = device.parse(command, output=cli_output) except Exception as exc: msg = "The pyats library return an error for '{cmd}' for '{os}'. Error: {err}." - return {"errors": [(msg.format(cmd=command, os=network_os, err=to_native(exc)))]} + return {"errors": [msg.format(cmd=command, os=network_os, err=to_native(exc))]} return {"parsed": parsed} diff --git a/tests/unit/plugins/connection/test_libssh.py b/tests/unit/plugins/connection/test_libssh.py index 7c3b6c25f..fd066e0fb 100644 --- a/tests/unit/plugins/connection/test_libssh.py +++ b/tests/unit/plugins/connection/test_libssh.py @@ -58,6 +58,7 @@ def test_libssh_connect(conn, monkeypatch): look_for_keys=True, password="test", password_prompt=None, + private_key_password=None, port=8080, timeout=60, user="user1",