Remove restriction on add_host
There's actually not anything unsafe about add_host. Doing CD from Zuul requires being able to add hosts, so relax the restriction. Change-Id: I7a5992808773722f3b81890fb4193da202cfea68
This commit is contained in:
parent
127be25f82
commit
d07bc25fc2
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The restriction on using ``add_host`` in playbooks has been lifted.
|
|
@ -1,26 +0,0 @@
|
|||
# Copyright 2016 Red Hat, Inc.
|
||||
#
|
||||
# This module is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This software is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this software. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from zuul.ansible import paths
|
||||
add_host = paths._import_ansible_action_plugin("add_host")
|
||||
|
||||
|
||||
class ActionModule(add_host.ActionModule):
|
||||
|
||||
def run(self, tmp=None, task_vars=None):
|
||||
|
||||
return dict(
|
||||
failed=True,
|
||||
msg="Adding hosts to the inventory is prohibited")
|
|
@ -176,10 +176,6 @@ def _is_localhost_task(task):
|
|||
#
|
||||
# localhost is special, since it's not in the inventory but instead is
|
||||
# added directly by ansible.
|
||||
#
|
||||
# The only way a user could supply a remote_addr with arbitrary ipv6
|
||||
# values is if they used add_host - which we don't let unprivileged code
|
||||
# do.
|
||||
|
||||
if (task._play_context.connection == 'local'
|
||||
or task._play_context.remote_addr == 'localhost'
|
||||
|
|
Loading…
Reference in New Issue