provisioners/ansible: change arguments arrangement

- force `--connection=ssh` (any other modes like paramiko or smart are not supported) - give the highest priority to `raw_arguments` for sake of simplicity (in usage, in code and in documentation) - fix position of the `--limit` argument (the generated inventory could be shadowed by `raw_arguments`, while ansible.limit was able to override `raw_arguments` ref #3396
2014-11-30 02:02:29 +01:00 · 2014-11-30 02:02:29 +01:00 · 178942cf27
parent 306c4f7eda
commit 178942cf27
4 changed files with 40 additions and 32 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,11 @@
 ## 1.7.0 (unreleased)

+BREAKING CHANGES:
+
+  - provisioners/ansible: `raw_arguments` has now highest priority
+  - provisioners/ansible: only the `ssh` connection transport is supported
+      (`paramiko` can be enabled with `raw_arguments` at your own risks)
+
 FEATURES:

  - **Named provisioners**: Provisioners can now be named. This name is used
--- a/plugins/provisioners/ansible/provisioner.rb
+++ b/plugins/provisioners/ansible/provisioner.rb
@ -12,7 +12,7 @@ module VagrantPlugins
        @ssh_info = @machine.ssh_info

        #
-        # 1) Default Settings (lowest precedence)
+        # Ansible provisioner options
        #

        # Connect with Vagrant SSH identity
@ -23,19 +23,13 @@ module VagrantPlugins
        # but can be enabled via raw_arguments option.
        options << "--connection=ssh"

-        # By default we limit by the current machine.
-        # This can be overridden by the limit config option.
-        options << "--limit=#{@machine.name}" unless config.limit
-
-        #
-        # 2) Configuration Joker
-        #
-
-        options.concat(self.as_array(config.raw_arguments)) if config.raw_arguments
-
-        #
-        # 3) Append Provisioner options (highest precedence):
-        #
+        # By default we limit by the current machine, but
+        # this can be overridden by the `limit` option.
+        if config.limit
+          options << "--limit=#{as_list_argument(config.limit)}"
+        else
+          options << "--limit=#{@machine.name}"
+        end

        options << "--inventory-file=#{self.setup_inventory_file}"
        options << "--extra-vars=#{self.get_extra_vars_argument}" if config.extra_vars
@ -47,10 +41,16 @@ module VagrantPlugins
        options << "--vault-password-file=#{config.vault_password_file}" if config.vault_password_file
        options << "--tags=#{as_list_argument(config.tags)}" if config.tags
        options << "--skip-tags=#{as_list_argument(config.skip_tags)}" if config.skip_tags
-        options << "--limit=#{as_list_argument(config.limit)}" if config.limit
        options << "--start-at-task=#{config.start_at_task}" if config.start_at_task

+        # Finally, add the configuration joker, which has the highest precedence and
+        # can therefore potentially override any other options of this provisioner.
+        options.concat(self.as_array(config.raw_arguments)) if config.raw_arguments
+
+        #
        # Assemble the full ansible-playbook command
+        #
+
        command = (%w(ansible-playbook) << options << config.playbook).flatten

        env = {
--- a/test/unit/plugins/provisioners/ansible/provisioner_test.rb
+++ b/test/unit/plugins/provisioners/ansible/provisioner_test.rb
@ -82,18 +82,18 @@ VF

    it "sets --limit argument" do
      expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
-        raw_limits = []
+        all_limits = args.select { |x| x =~ /^(--limit=|-l)/ }
        if config.raw_arguments
          raw_limits = config.raw_arguments.select { |x| x =~ /^(--limit=|-l)/ }
-        end
-        all_limits = args.select { |x| x =~ /^(--limit=|-l)/ }
-        expect(all_limits.length - raw_limits.length).to eq(1)
-
-        if config.limit
-          limit = config.limit.kind_of?(Array) ? config.limit.join(',') : config.limit
-          expect(all_limits.last).to eq("--limit=#{limit}")
+          expect(all_limits.length - raw_limits.length).to eq(1)
+          expect(all_limits.last).to eq(raw_limits.last)
        else
-          expect(all_limits.first).to eq("--limit=#{machine.name}")
+          if config.limit
+            limit = config.limit.kind_of?(Array) ? config.limit.join(',') : config.limit
+            expect(all_limits.last).to eq("--limit=#{limit}")
+          else
+            expect(all_limits.first).to eq("--limit=#{machine.name}")
+          end
        end
      }
    end
@ -292,6 +292,7 @@ VF
      before do
        config.sudo = false
        config.skip_tags = %w(foo bar)
+        config.limit = "all"
        config.raw_arguments = ["--connection=paramiko",
                                "--skip-tags=ignored",
                                "--module-path=/other/modules",
@ -300,11 +301,11 @@ VF
                                "--limit=foo",
                                "--limit=bar",
                                "--inventory-file=/forget/it/my/friend",
+                                "--user=lion",
                                "--new-arg=yeah"]
      end

-      it_should_set_arguments_and_environment_variables 16, 3, false, "paramiko"
-      it_should_create_and_use_generated_inventory
+      it_should_set_arguments_and_environment_variables 17, 3, false, "paramiko"

      it "sets all raw arguments" do
        expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
@ -314,9 +315,12 @@ VF
        }
      end

-      it "sets raw arguments before arguments related to supported options" do
+      it "sets raw arguments after arguments related to supported options" do
        expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
-          expect(args.index("--skip-tags=foo,bar")).to be > args.index("--skip-tags=ignored")
+          expect(args.index("--user=lion")).to be > args.index("--user=testuser")
+          expect(args.index("--inventory-file=/forget/it/my/friend")).to be > args.index("--inventory-file=#{generated_inventory_dir}")
+          expect(args.index("--limit=bar")).to be > args.index("--limit=all")
+          expect(args.index("--skip-tags=ignored")).to be > args.index("--skip-tags=foo,bar")
        }
      end

@ -528,7 +532,7 @@ VF

      it "shows the ansible-playbook command, with additional quotes when required" do
        expect(machine.env.ui).to receive(:detail).with { |full_command|
-          expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_FORCE_COLOR=true ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_SSH_ARGS='-o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --private-key=/my/key1 --user=testuser --connection=ssh --why-not --su-user=foot --ask-su-pass --limit='all' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --limit='machine*:&vagrant:!that_one' --start-at-task='an awesome task' playbook.yml")
+          expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_FORCE_COLOR=true ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_SSH_ARGS='-o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --private-key=/my/key1 --user=testuser --connection=ssh --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' playbook.yml")
        }
      end
    end
--- a/website/docs/source/v2/provisioning/ansible.html.md
+++ b/website/docs/source/v2/provisioning/ansible.html.md
@ -196,9 +196,7 @@ by the sudo command.
 * `ansible.tags` can be set to a string or an array of tags. Only plays, roles and tasks tagged with these values will be executed.
 * `ansible.skip_tags` can be set to a string or an array of tags. Only plays, roles and tasks that *do not match* these values will be executed.
 * `ansible.start_at_task` can be set to a string corresponding to the task name where the playbook provision will start.
-* `ansible.raw_arguments` can be set to an array of strings corresponding to a list of `ansible-playbook` arguments (e.g. `['--check', '-M /my/modules']`). It is an *unsafe wildcard* that can be used to apply Ansible options that are not (yet) supported by this Vagrant provisioner. Following precedence rules apply:
-  * Any supported options (described above) will override conflicting `raw_arguments` value (e.g. `--tags` or `--start-at-task`)
-  * Vagrant default user authentication can be overridden via `raw_arguments` (with custom values for `--user` and `--private-key`)
+* `ansible.raw_arguments` can be set to an array of strings corresponding to a list of `ansible-playbook` arguments (e.g. `['--check', '-M /my/modules']`). It is an *unsafe wildcard* that can be used to apply Ansible options that are not (yet) supported by this Vagrant provisioner. As of Vagrant 1.7, `raw_arguments` has the highest priority and its values can potentially override or break other Vagrant settings.
 * `ansible.raw_ssh_args` can be set to an array of strings corresponding to a list of OpenSSH client parameters (e.g. `['-o ControlMaster=no']`). It is an *unsafe wildcard* that can be used to pass additional SSH settings to Ansible via `ANSIBLE_SSH_ARGS` environment variable.
 * `ansible.host_key_checking` can be set to `true` which will enable host key checking. As Vagrant 1.5, the default value is `false`, to avoid connection problems when creating new virtual machines.