Re: [Fab-user] Fabric Run Prompt

[Chris McDonald]

On Mon, Nov 21, 2011 at 11:46 AM, Kyle B <address@hidden> wrote:
> Hey Jeff,
>
> Specifically, I am building a deployment automation system built on top of
> fabric. The module I am currently working on is svn. As this is an automated
> deployment system, there will be no user interaction. The end user will
> click "GO" when they want to deploy, and off fabric will go to deploy to ~50
> servers.
>
> So right now I have fabric running:
>
> run("svn update --username kyle --no-auth-cache /www/doc_root/html
> /www/doc_root/crons")
>
> The svn server we have uses http auth. So when I have fabric run that
> command, it immediately responds back with asking for my password for the
> username "kyle" passed above on the command line.
>
> So I'm wondering if Fabric currently has that type of built in expect
> functionality? When I run the command above, I expect it to prompt for my
> svn password. When it does, I would like to automatically pass it in.
>
> I know that I can do this using pyexpect or a custom paramiko
> implementation, but was seeing if there was anything built in to fabric to
> handle expected user interaction and automate it?
>
> Thanks,
>
> -Kyle
>
>
> On Mon, Nov 21, 2011 at 11:42 AM, Jeff Forcier <address@hidden> wrote:
>>
>> On Mon, Nov 21, 2011 at 10:33 AM, Kyle B <address@hidden> wrote:
>> > I'm with Paul on this one. My scripts are for an automated deployment
>> > system. There will be no human interacting with them. I would also like
>> > to
>> > see if this is possible to have automated handling of interactive
>> > prompts
>> > through fabric. Otherwise, just like Paul, I have to revert to either
>> > using
>> > pyexpect or paramiko.
>>
>> What are you doing exactly which cannot be automated through
>> traditional means? This is not some enormous missing feature or we'd
>> get more than a couple of new requests for it every quarter :)
>>
>> The majority of Unix programs out there offer various ways to run
>> non-interactively, specifically so they may be scripted. Having a
>> feature to deal with poorly behaved programs is thus not super high on
>> my "implement myself" priority list.
>>
>> Not that it wouldn't be a useful feature in general (since things are
>> never perfect re: well behaved programs) -- if someone were to
>> contribute a patch meshing expect-like behavior with Fabric's exec
>> model, I'd have no qualms about trying to merge it in.
>>
>> -Jeff
>>
>> --
>> Jeff Forcier
>> Unix sysadmin; Python/Ruby engineer
>> http://bitprophet.org
>
>
> _______________________________________________
> Fab-user mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/fab-user
>
>

It always seems to be this way. Every time this expect behavior topic
comes, it always comes down to people keep trying to store passwords
on their system in plain text so they can automate stuff. If at all
possible switch to public key auth. It is actually secure, tried and
true, and works with automation.

HTTP Auth is a speed bump, not a barricade. I'd like to one day see a
usage of this that doesn't concern passwords, at that point I might be
willing to back it. But even then, I'd likely recommend you patch the
program to take whatever you are trying to pass to it as a flag
instead of patching expect into fabric.