a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

iso_extract: Add password argument (#9159) 

* iso_extract: Add password argument

* Update iso_extract.py

* Update iso_extract.py

* Update plugins/modules/iso_extract.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Create 9159-iso-extract_add_password.yml

* Update 9159-iso-extract_add_password.yml

* Remove default value for password

* Use password with 7z only

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Fix indentation

* Update plugins/modules/iso_extract.py

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>

* iso_extract: add password warning

* Update plugins/modules/iso_extract.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Shorten a docs line.

* Fix formatting.

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
pull/9223/head
jurelou 2024-12-02 20:16:30 +01:00 committed by GitHub
parent 41b6a281e1
commit da97e220ef
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
changelogs/fragments/9159-iso-extract_add_password.yml Normal file
View File

@ -0,0 +1,2 @@
minor_changes:
- iso_extract - adds ``password`` parameter that is passed to 7z (https://github.com/ansible-collections/community.general/pull/9159).

16
plugins/modules/iso_extract.py
View File

@ -67,6 +67,15 @@ options:
- The path to the C(7z) executable to use for extracting files from the ISO. - The path to the C(7z) executable to use for extracting files from the ISO.
- If not provided, it will assume the value V(7z). - If not provided, it will assume the value V(7z).
type: path type: path
password:
description:
- Password used to decrypt files from the ISO.
- Will only be used if 7z is used.
- The password is used as a command line argument to 7z. This is a B(potential security risk) that
allows passwords to be revealed if someone else can list running processes on the same machine
in the right moment.
type: str
version_added: 10.1.0
notes: notes:
- Only the file checksum (content) is taken into account when extracting files - Only the file checksum (content) is taken into account when extracting files
from the ISO image. If O(force=false), only checks the presence of the file. from the ISO image. If O(force=false), only checks the presence of the file.
@ -100,6 +109,7 @@ def main():
dest=dict(type='path', required=True), dest=dict(type='path', required=True),
files=dict(type='list', elements='str', required=True), files=dict(type='list', elements='str', required=True),
force=dict(type='bool', default=True), force=dict(type='bool', default=True),
password=dict(type='str', no_log=True),
executable=dict(type='path'), # No default on purpose executable=dict(type='path'), # No default on purpose
), ),
supports_check_mode=True, supports_check_mode=True,
@ -108,6 +118,7 @@ def main():
dest = module.params['dest'] dest = module.params['dest']
files = module.params['files'] files = module.params['files']
force = module.params['force'] force = module.params['force']
password = module.params['password']
executable = module.params['executable'] executable = module.params['executable']
result = dict( result = dict(
@ -154,7 +165,10 @@ def main():
# Use 7zip when we have a binary, otherwise try to mount # Use 7zip when we have a binary, otherwise try to mount
if binary: if binary:
cmd = [binary, 'x', image, '-o%s' % tmp_dir] + extract_files cmd = [binary, 'x', image, '-o%s' % tmp_dir]
if password:
cmd += ["-p%s" % password]
cmd += extract_files
else: else:
cmd = [module.get_bin_path('mount'), '-o', 'loop,ro', image, tmp_dir] cmd = [module.get_bin_path('mount'), '-o', 'loop,ro', image, tmp_dir]