From 50e0ccdc1c5274fd40b4039f3ab0a1d4a01caafc Mon Sep 17 00:00:00 2001 From: Luis Toledo Date: Tue, 19 Mar 2024 18:25:42 -0300 Subject: [PATCH] fix encryptExtraVarsKey move file copier clean to a finally block --- .../ansible/ansible/AnsibleRunner.java | 28 +++++++++---------- .../ansible/plugin/AnsibleFileCopier.java | 4 +-- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java index ba6fb86d..1fa740d0 100644 --- a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java +++ b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java @@ -424,7 +424,7 @@ public int run() throws Exception { String addeExtraVars = extraVars; if (encryptExtraVars && useAnsibleVault) { - addeExtraVars = encryptExtraVarsKey(extraVars, tempInternalVaultFile); + addeExtraVars = encryptExtraVarsKey(extraVars); } tempVarsFile = AnsibleUtil.createTemporaryFile("extra-vars", addeExtraVars); @@ -462,7 +462,7 @@ public int run() throws Exception { String finalextraVarsPassword = extraVarsPassword; if(useAnsibleVault){ - finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword, tempInternalVaultFile); + finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword); } tempSshVarsFile = AnsibleUtil.createTemporaryFile("ssh-extra-vars", finalextraVarsPassword); @@ -481,7 +481,7 @@ public int run() throws Exception { String finalextraVarsPassword = extraVarsPassword; if (useAnsibleVault) { - finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword, tempInternalVaultFile); + finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword); } tempBecameVarsFile = AnsibleUtil.createTemporaryFile("become-extra-vars", finalextraVarsPassword); @@ -696,22 +696,13 @@ public boolean registerKeySshAgent(String keyPath) throws Exception { } - public String encryptExtraVarsKey(String extraVars, File vaultPasswordFile) throws Exception { - Map extraVarsMap = null; + public String encryptExtraVarsKey(String extraVars) throws Exception { + Map extraVarsMap = new HashMap<>(); Map encryptedExtraVarsMap = new HashMap<>(); try { extraVarsMap = mapperYaml.readValue(extraVars, new TypeReference>() { }); - for (Map.Entry entry : extraVarsMap.entrySet()) { - String key = entry.getKey(); - String value = entry.getValue(); - String encryptedKey = ansibleVault.encryptVariable(key, value); - if (encryptedKey != null) { - encryptedExtraVarsMap.put(key, encryptedKey); - } - } - } catch (Exception e) { try { extraVarsMap = mapperJson.readValue(extraVars, new TypeReference>() { @@ -722,6 +713,15 @@ public String encryptExtraVarsKey(String extraVars, File vaultPasswordFile) thro } } + for (Map.Entry entry : extraVarsMap.entrySet()) { + String key = entry.getKey(); + String value = entry.getValue(); + String encryptedKey = ansibleVault.encryptVariable(key, value); + if (encryptedKey != null) { + encryptedExtraVarsMap.put(key, encryptedKey); + } + } + StringBuilder stringBuilder = new StringBuilder(); encryptedExtraVarsMap.forEach((key, value) -> { stringBuilder.append(key).append(":"); diff --git a/src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsibleFileCopier.java b/src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsibleFileCopier.java index df1470da..7c861a3a 100644 --- a/src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsibleFileCopier.java +++ b/src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsibleFileCopier.java @@ -157,10 +157,10 @@ private String doFileCopy( runner.run(); } catch (Exception e) { throw new FileCopierException("Error running Ansible.", AnsibleFailureReason.AnsibleError, e); + }finally { + contextBuilder.cleanupTempFiles(); } - contextBuilder.cleanupTempFiles(); - return destinationPath; }