(puppetlabsGH-1425) Set default value for sudo-password to value for …

…password This sets the default value for `sudo-password` to the same value as `password`. This feature is gated by `future`.
beechtom · Dec 6, 2019 · 188855d · 188855d
1 parent 8d68b6e
commit 188855d
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 0 deletions.
diff --git a/lib/bolt/transport/local/shell.rb b/lib/bolt/transport/local/shell.rb
@@ -31,15 +31,20 @@ def initialize(target)
         def handle_sudo(stdin, err, pid, sudo_stdin)
           if err.include?(Sudoable.sudo_prompt)
             # A wild sudo prompt has appeared!
+            # rubocop:disable Style/GlobalVars
             if @target.options['sudo-password']
               stdin.write("#{@target.options['sudo-password']}\n")
               ''
+            elsif @target.options['password'] && $future
+              stdin.write("#{@target.options['password']}\n")
+              ''
             else
               raise Bolt::Node::EscalateError.new(
                 "Sudo password for user #{@user} was not provided for localhost",
                 'NO_PASSWORD'
               )
             end
+            # rubocop:enable Style/GlobalVars
           elsif err =~ /^#{@sudo_id}/
             if sudo_stdin
               stdin.write("#{sudo_stdin}\n")

diff --git a/lib/bolt/transport/ssh/connection.rb b/lib/bolt/transport/ssh/connection.rb
@@ -148,10 +148,15 @@ def disconnect
 
         def handled_sudo(channel, data, stdin)
           if data.lines.include?(Sudoable.sudo_prompt)
+            # rubocop:disable Style/GlobalVars
             if target.options['sudo-password']
               channel.send_data("#{target.options['sudo-password']}\n")
               channel.wait
               return true
+            elsif target.options['password'] && $future
+              channel.send_data("#{target.options['password']}\n")
+              channel.wait
+              return true
             else
               # Cancel the sudo prompt to prevent later commands getting stuck
               channel.close
@@ -160,6 +165,7 @@ def handled_sudo(channel, data, stdin)
                 'NO_PASSWORD'
               )
             end
+            # rubocop:enable Style/GlobalVars
           elsif data =~ /^#{@sudo_id}/
             if stdin
               channel.send_data(stdin)

diff --git a/spec/shared_examples/transport.rb b/spec/shared_examples/transport.rb
@@ -647,6 +647,31 @@ def make_target(target_: host_and_port, conf: config)
                          "Sudo password for user #{user} was not provided for #{safe_name}")
       end
     end
+
+    context "with no sudo-password" do
+      let(:config) {
+        mk_config('password' => password, 'run-as' => 'root')
+      }
+      let(:target) { make_target }
+      after(:each) {
+        # rubocop:disable Style/GlobalVars
+        $future = nil
+        # rubocop:enable Style/GlobalVars
+      }
+
+      it "uses password as sudo-password when future is set" do
+        let(:config) {
+          mk_config('host-key-check' => false, 'password' => password, 'run-as' => 'root',
+                    user: user, password: password)
+        }
+        let(:target) { make_target }
+
+        # rubocop:disable Style/GlobalVars
+        $future = nil
+        # rubocop:enable Style/GlobalVars
+        expect(runner.run_command(target, 'whoami')['stdout']).to eq("root\n")
+      end
+    end
   end
 
   context "using a custom run-as-command" do