Add ssh_forward_agent group data variable.

This makes it possible for a deploy / inventory to explicitly enable or disable SSH agent forwarding for a given host/group, overriding any values defined in the executing users SSH config.
pyinfra-dev · Jul 21, 2021 · d899763 · d899763
1 parent 7a0065f
commit d899763
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 4 deletions.
diff --git a/pyinfra/api/connectors/ssh.py b/pyinfra/api/connectors/ssh.py
@@ -158,6 +158,8 @@ def _make_paramiko_kwargs(state, host):
         'allow_agent': False,
         'look_for_keys': False,
         'hostname': host.data.ssh_hostname or host.name,
+        # Special pyinfra specific kwarg for our custom SSHClient
+        '_pyinfra_force_forward_agent': host.data.ssh_forward_agent,
     }
 
     for key, value in (

diff --git a/pyinfra/api/connectors/sshuserclient/client.py b/pyinfra/api/connectors/sshuserclient/client.py
@@ -33,10 +33,13 @@ class SSHClient(ParamikoClient):
     original idea at http://bitprophet.org/blog/2012/11/05/gateway-solutions/.
     '''
 
-    def connect(self, hostname, **kwargs):
-        self.hostname, self.config, forward_agent = self.parse_config(hostname)
-        self.config.update(kwargs)
-        super(SSHClient, self).connect(self.hostname, **self.config)
+    def connect(self, hostname, _pyinfra_force_forward_agent=None, **kwargs):
+        hostname, config, forward_agent = self.parse_config(hostname)
+        config.update(kwargs)
+        super(SSHClient, self).connect(hostname, **config)
+
+        if _pyinfra_force_forward_agent is not None:
+            forward_agent = _pyinfra_force_forward_agent
 
         if forward_agent:
             # Enable SSH forwarding