ansible-core 2.15.4rc1__py3-none-any.whl → 2.16.0b2__py3-none-any.whl

ansible/parsing/dataloader.py

@@ -11,15 +11,16 @@ import os
 import os.path
 import re
 import tempfile
+import typing as t
 
 from ansible import constants as C
 from ansible.errors import AnsibleFileNotFound, AnsibleParserError
 from ansible.module_utils.basic import is_executable
 from ansible.module_utils.six import binary_type, text_type
-from ansible.module_utils._text import to_bytes, to_native, to_text
+from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
 from ansible.parsing.quoting import unquote
 from ansible.parsing.utils.yaml import from_yaml
-from ansible.parsing.vault import VaultLib, b_HEADER, is_encrypted, is_encrypted_file, parse_vaulttext_envelope
+from ansible.parsing.vault import VaultLib, b_HEADER, is_encrypted, is_encrypted_file, parse_vaulttext_envelope, PromptVaultSecret
 from ansible.utils.path import unfrackpath
 from ansible.utils.display import Display
 
@@ -45,7 +46,7 @@ class DataLoader:
     Usage:
 
         dl = DataLoader()
-        # optionally: dl.set_vault_password('foo')
+        # optionally: dl.set_vault_secrets([('default', ansible.parsing.vault.PrompVaultSecret(...),)])
         ds = dl.load('...')
         ds = dl.load_from_file('/path/to/file')
     '''
@@ -66,20 +67,19 @@ class DataLoader:
         # initialize the vault stuff with an empty password
         # TODO: replace with a ref to something that can get the password
         #       a creds/auth provider
-        # self.set_vault_password(None)
         self._vaults = {}
         self._vault = VaultLib()
         self.set_vault_secrets(None)
 
     # TODO: since we can query vault_secrets late, we could provide this to DataLoader init
-    def set_vault_secrets(self, vault_secrets):
+    def set_vault_secrets(self, vault_secrets: list[tuple[str, PromptVaultSecret]] | None) -> None:
         self._vault.secrets = vault_secrets
 
-    def load(self, data, file_name='<string>', show_content=True, json_only=False):
+    def load(self, data: str, file_name: str = '<string>', show_content: bool = True, json_only: bool = False) -> t.Any:
         '''Backwards compat for now'''
         return from_yaml(data, file_name, show_content, self._vault.secrets, json_only=json_only)
 
-    def load_from_file(self, file_name, cache=True, unsafe=False, json_only=False):
+    def load_from_file(self, file_name: str, cache: bool = True, unsafe: bool = False, json_only: bool = False) -> t.Any:
         ''' Loads data from a file, which can contain either JSON or YAML.  '''
 
         file_name = self.path_dwim(file_name)
@@ -105,28 +105,28 @@ class DataLoader:
             # return a deep copy here, so the cache is not affected
             return copy.deepcopy(parsed_data)
 
-    def path_exists(self, path):
+    def path_exists(self, path: str) -> bool:
         path = self.path_dwim(path)
         return os.path.exists(to_bytes(path, errors='surrogate_or_strict'))
 
-    def is_file(self, path):
+    def is_file(self, path: str) -> bool:
         path = self.path_dwim(path)
         return os.path.isfile(to_bytes(path, errors='surrogate_or_strict')) or path == os.devnull
 
-    def is_directory(self, path):
+    def is_directory(self, path: str) -> bool:
         path = self.path_dwim(path)
         return os.path.isdir(to_bytes(path, errors='surrogate_or_strict'))
 
-    def list_directory(self, path):
+    def list_directory(self, path: str) -> list[str]:
         path = self.path_dwim(path)
         return os.listdir(path)
 
-    def is_executable(self, path):
+    def is_executable(self, path: str) -> bool:
         '''is the given path executable?'''
         path = self.path_dwim(path)
         return is_executable(path)
 
-    def _decrypt_if_vault_data(self, b_vault_data, b_file_name=None):
+    def _decrypt_if_vault_data(self, b_vault_data: bytes, b_file_name: bytes | None = None) -> tuple[bytes, bool]:
         '''Decrypt b_vault_data if encrypted and return b_data and the show_content flag'''
 
         if not is_encrypted(b_vault_data):
@@ -139,7 +139,7 @@ class DataLoader:
         show_content = False
         return b_data, show_content
 
-    def _get_file_contents(self, file_name):
+    def _get_file_contents(self, file_name: str) -> tuple[bytes, bool]:
         '''
         Reads the file contents from the given file name
 
@@ -168,17 +168,17 @@ class DataLoader:
         except (IOError, OSError) as e:
             raise AnsibleParserError("an error occurred while trying to read the file '%s': %s" % (file_name, to_native(e)), orig_exc=e)
 
-    def get_basedir(self):
+    def get_basedir(self) -> str:
         ''' returns the current basedir '''
         return self._basedir
 
-    def set_basedir(self, basedir):
+    def set_basedir(self, basedir: str) -> None:
         ''' sets the base directory, used to find files when a relative path is given '''
 
         if basedir is not None:
             self._basedir = to_text(basedir)
 
-    def path_dwim(self, given):
+    def path_dwim(self, given: str) -> str:
         '''
         make relative paths work like folks expect.
         '''
@@ -194,7 +194,7 @@ class DataLoader:
 
         return unfrackpath(path, follow=False)
 
-    def _is_role(self, path):
+    def _is_role(self, path: str) -> bool:
         ''' imperfect role detection, roles are still valid w/o tasks|meta/main.yml|yaml|etc '''
 
         b_path = to_bytes(path, errors='surrogate_or_strict')
@@ -228,7 +228,7 @@ class DataLoader:
 
         return False
 
-    def path_dwim_relative(self, path, dirname, source, is_role=False):
+    def path_dwim_relative(self, path: str, dirname: str, source: str, is_role: bool = False) -> str:
         '''
         find one file in either a role or playbook dir with or without
         explicitly named dirname subdirs
@@ -283,7 +283,7 @@ class DataLoader:
 
         return candidate
 
-    def path_dwim_relative_stack(self, paths, dirname, source, is_role=False):
+    def path_dwim_relative_stack(self, paths: list[str], dirname: str, source: str, is_role: bool = False) -> str:
         '''
         find one file in first path in stack taking roles into account and adding play basedir as fallback
 
@@ -342,7 +342,7 @@ class DataLoader:
 
         return result
 
-    def _create_content_tempfile(self, content):
+    def _create_content_tempfile(self, content: str | bytes) -> str:
         ''' Create a tempfile containing defined content '''
         fd, content_tempfile = tempfile.mkstemp(dir=C.DEFAULT_LOCAL_TMP)
         f = os.fdopen(fd, 'wb')
@@ -356,7 +356,7 @@ class DataLoader:
             f.close()
         return content_tempfile
 
-    def get_real_file(self, file_path, decrypt=True):
+    def get_real_file(self, file_path: str, decrypt: bool = True) -> str:
         """
         If the file is vault encrypted return a path to a temporary decrypted file
         If the file is not encrypted then the path is returned
@@ -396,7 +396,7 @@ class DataLoader:
         except (IOError, OSError) as e:
             raise AnsibleParserError("an error occurred while trying to read the file '%s': %s" % (to_native(real_path), to_native(e)), orig_exc=e)
 
-    def cleanup_tmp_file(self, file_path):
+    def cleanup_tmp_file(self, file_path: str) -> None:
         """
         Removes any temporary files created from a previous call to
         get_real_file. file_path must be the path returned from a
@@ -406,7 +406,7 @@ class DataLoader:
             os.unlink(file_path)
             self._tempfiles.remove(file_path)
 
-    def cleanup_all_tmp_files(self):
+    def cleanup_all_tmp_files(self) -> None:
         """
         Removes all temporary files that DataLoader has created
         NOTE: not thread safe, forks also need special handling see __init__ for details.
@@ -417,7 +417,7 @@ class DataLoader:
             except Exception as e:
                 display.warning("Unable to cleanup temp files: %s" % to_text(e))
 
-    def find_vars_files(self, path, name, extensions=None, allow_dir=True):
+    def find_vars_files(self, path: str, name: str, extensions: list[str] | None = None, allow_dir: bool = True) -> list[str]:
         """
         Find vars files in a given path with specified name. This will find
         files in a dir named <name>/ or a file called <name> ending in known
@@ -447,11 +447,11 @@ class DataLoader:
                     else:
                         continue
                 else:
-                    found.append(full_path)
+                    found.append(to_text(full_path))
                 break
         return found
 
-    def _get_dir_vars_files(self, path, extensions):
+    def _get_dir_vars_files(self, path: str, extensions: list[str]) -> list[str]:
         found = []
         for spath in sorted(self.list_directory(path)):
             if not spath.startswith(u'.') and not spath.endswith(u'~'):  # skip hidden and backups

ansible/parsing/mod_args.py

@@ -22,7 +22,7 @@ __metaclass__ = type
 import ansible.constants as C
 from ansible.errors import AnsibleParserError, AnsibleError, AnsibleAssertionError
 from ansible.module_utils.six import string_types
-from ansible.module_utils._text import to_text
+from ansible.module_utils.common.text.converters import to_text
 from ansible.parsing.splitter import parse_kv, split_args
 from ansible.plugins.loader import module_loader, action_loader
 from ansible.template import Templar

ansible/parsing/plugin_docs.py

@@ -9,7 +9,7 @@ import tokenize
 
 from ansible import constants as C
 from ansible.errors import AnsibleError, AnsibleParserError
-from ansible.module_utils._text import to_text, to_native
+from ansible.module_utils.common.text.converters import to_text, to_native
 from ansible.parsing.yaml.loader import AnsibleLoader
 from ansible.utils.display import Display
 
@@ -151,10 +151,10 @@ def read_docstring_from_python_file(filename, verbose=True, ignore_errors=True):
                             if theid == 'EXAMPLES':
                                 # examples 'can' be yaml, but even if so, we dont want to parse as such here
                                 # as it can create undesired 'objects' that don't display well as docs.
-                                data[varkey] = to_text(child.value.s)
+                                data[varkey] = to_text(child.value.value)
                             else:
                                 # string should be yaml if already not a dict
-                                data[varkey] = AnsibleLoader(child.value.s, file_name=filename).get_single_data()
+                                data[varkey] = AnsibleLoader(child.value.value, file_name=filename).get_single_data()
 
                         display.debug('Documentation assigned: %s' % varkey)
 

ansible/parsing/splitter.py

@@ -23,7 +23,7 @@ import codecs
 import re
 
 from ansible.errors import AnsibleParserError
-from ansible.module_utils._text import to_text
+from ansible.module_utils.common.text.converters import to_text
 from ansible.parsing.quoting import unquote
 
 
@@ -58,15 +58,7 @@ def parse_kv(args, check_raw=False):
 
     options = {}
     if args is not None:
-        try:
-            vargs = split_args(args)
-        except IndexError as e:
-            raise AnsibleParserError("Unable to parse argument string", orig_exc=e)
-        except ValueError as ve:
-            if 'no closing quotation' in str(ve).lower():
-                raise AnsibleParserError("error parsing argument string, try quoting the entire line.", orig_exc=ve)
-            else:
-                raise
+        vargs = split_args(args)
 
         raw_params = []
         for orig_x in vargs:
@@ -168,6 +160,9 @@ def split_args(args):
     how Ansible needs to use it.
     '''
 
+    if not args:
+        return []
+
     # the list of params parsed out of the arg string
     # this is going to be the result value when we are done
     params = []
@@ -204,6 +199,10 @@ def split_args(args):
             # Empty entries means we have subsequent spaces
             # We want to hold onto them so we can reconstruct them later
             if len(token) == 0 and idx != 0:
+                # Make sure there is a params item to store result in.
+                if not params:
+                    params.append('')
+
                 params[-1] += ' '
                 continue
 
@@ -235,13 +234,11 @@ def split_args(args):
             elif print_depth or block_depth or comment_depth or inside_quotes or was_inside_quotes:
                 if idx == 0 and was_inside_quotes:
                     params[-1] = "%s%s" % (params[-1], token)
-                elif len(tokens) > 1:
+                else:
                     spacer = ''
                     if idx > 0:
                         spacer = ' '
                     params[-1] = "%s%s%s" % (params[-1], spacer, token)
-                else:
-                    params[-1] = "%s\n%s" % (params[-1], token)
                 appended = True
 
             # if the number of paired block tags is not the same, the depth has changed, so we calculate that here
@@ -273,10 +270,11 @@ def split_args(args):
         # one item (meaning we split on newlines), add a newline back here
         # to preserve the original structure
         if len(items) > 1 and itemidx != len(items) - 1 and not line_continuation:
-            params[-1] += '\n'
+            # Make sure there is a params item to store result in.
+            if not params:
+                params.append('')
 
-        # always clear the line continuation flag
-        line_continuation = False
+            params[-1] += '\n'
 
     # If we're done and things are not at zero depth or we're still inside quotes,
     # raise an error to indicate that the args were unbalanced

ansible/parsing/utils/yaml.py

@@ -13,7 +13,7 @@ from yaml import YAMLError
 
 from ansible.errors import AnsibleParserError
 from ansible.errors.yaml_strings import YAML_SYNTAX_ERROR
-from ansible.module_utils._text import to_native
+from ansible.module_utils.common.text.converters import to_native
 from ansible.parsing.yaml.loader import AnsibleLoader
 from ansible.parsing.yaml.objects import AnsibleBaseYAMLObject
 from ansible.parsing.ajson import AnsibleJSONDecoder

ansible/parsing/vault/__init__.py

@@ -55,7 +55,7 @@ except ImportError:
 from ansible.errors import AnsibleError, AnsibleAssertionError
 from ansible import constants as C
 from ansible.module_utils.six import binary_type
-from ansible.module_utils._text import to_bytes, to_text, to_native
+from ansible.module_utils.common.text.converters import to_bytes, to_text, to_native
 from ansible.utils.display import Display
 from ansible.utils.path import makedirs_safe, unfrackpath
 
@@ -787,13 +787,13 @@ class VaultEditor:
 
             passes = 3
             with open(tmp_path, "wb") as fh:
-                for _ in range(passes):
+                for dummy in range(passes):
                     fh.seek(0, 0)
                     # get a random chunk of data, each pass with other length
                     chunk_len = random.randint(max_chunk_len // 2, max_chunk_len)
                     data = os.urandom(chunk_len)
 
-                    for _ in range(0, file_len // chunk_len):
+                    for dummy in range(0, file_len // chunk_len):
                         fh.write(data)
                     fh.write(data[:file_len % chunk_len])
 
@@ -1044,10 +1044,10 @@ class VaultEditor:
         since in the plaintext case, the original contents can be of any text encoding
         or arbitrary binary data.
 
-        When used to write the result of vault encryption, the val of the 'data' arg
-        should be a utf-8 encoded byte string and not a text typ and not a text type..
+        When used to write the result of vault encryption, the value of the 'data' arg
+        should be a utf-8 encoded byte string and not a text type.
 
-        When used to write the result of vault decryption, the val of the 'data' arg
+        When used to write the result of vault decryption, the value of the 'data' arg
         should be a byte string and not a text type.
 
         :arg data: the byte string (bytes) data
@@ -1077,6 +1077,8 @@ class VaultEditor:
             output = getattr(sys.stdout, 'buffer', sys.stdout)
             output.write(b_file_data)
         else:
+            if not os.access(os.path.dirname(thefile), os.W_OK):
+                raise AnsibleError("Destination '%s' not writable" % (os.path.dirname(thefile)))
             # file names are insecure and prone to race conditions, so remove and create securely
             if os.path.isfile(thefile):
                 if shred:

ansible/parsing/yaml/constructor.py

@@ -23,7 +23,7 @@ from yaml.constructor import SafeConstructor, ConstructorError
 from yaml.nodes import MappingNode
 
 from ansible import constants as C
-from ansible.module_utils._text import to_bytes, to_native
+from ansible.module_utils.common.text.converters import to_bytes, to_native
 from ansible.parsing.yaml.objects import AnsibleMapping, AnsibleSequence, AnsibleUnicode, AnsibleVaultEncryptedUnicode
 from ansible.parsing.vault import VaultLib
 from ansible.utils.display import Display

ansible/parsing/yaml/objects.py

@@ -24,7 +24,7 @@ import sys as _sys
 from collections.abc import Sequence
 
 from ansible.module_utils.six import text_type
-from ansible.module_utils._text import to_bytes, to_text, to_native
+from ansible.module_utils.common.text.converters import to_bytes, to_text, to_native
 
 
 class AnsibleBaseYAMLObject(object):

ansible/playbook/__init__.py

@@ -23,7 +23,7 @@ import os
 
 from ansible import constants as C
 from ansible.errors import AnsibleParserError
-from ansible.module_utils._text import to_text, to_native
+from ansible.module_utils.common.text.converters import to_text, to_native
 from ansible.playbook.play import Play
 from ansible.playbook.playbook_include import PlaybookInclude
 from ansible.plugins.loader import add_all_plugin_dirs

ansible/playbook/base.py

@@ -19,7 +19,7 @@ from ansible import context
 from ansible.errors import AnsibleError, AnsibleParserError, AnsibleUndefinedVariable, AnsibleAssertionError
 from ansible.module_utils.six import string_types
 from ansible.module_utils.parsing.convert_bool import boolean
-from ansible.module_utils._text import to_text, to_native
+from ansible.module_utils.common.text.converters import to_text, to_native
 from ansible.parsing.dataloader import DataLoader
 from ansible.playbook.attribute import Attribute, FieldAttribute, ConnectionFieldAttribute, NonInheritableFieldAttribute
 from ansible.plugins.loader import module_loader, action_loader
@@ -637,7 +637,7 @@ class FieldAttributeBase:
         else:
             combined = value + new_value
 
-        return [i for i, _ in itertools.groupby(combined) if i is not None]
+        return [i for i, dummy in itertools.groupby(combined) if i is not None]
 
     def dump_attrs(self):
         '''

ansible/playbook/block.py

@@ -377,7 +377,6 @@ class Block(Base, Conditional, CollectionSearch, Taggable, Notifiable, Delegatab
                     if filtered_block.has_tasks():
                         tmp_list.append(filtered_block)
                 elif ((task.action in C._ACTION_META and task.implicit) or
-                        (task.action in C._ACTION_INCLUDE and task.evaluate_tags([], self._play.skip_tags, all_vars=all_vars)) or
                         task.evaluate_tags(self._play.only_tags, self._play.skip_tags, all_vars=all_vars)):
                     tmp_list.append(task)
             return tmp_list

ansible/playbook/conditional.py

@@ -19,15 +19,10 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type
 
-import ast
 import typing as t
 
-from jinja2.compiler import generate
-from jinja2.exceptions import UndefinedError
-
 from ansible.errors import AnsibleError, AnsibleUndefinedVariable
-from ansible.module_utils.six import text_type
-from ansible.module_utils._text import to_native
+from ansible.module_utils.common.text.converters import to_native
 from ansible.playbook.attribute import FieldAttribute
 from ansible.template import Templar
 from ansible.utils.display import Display
@@ -36,7 +31,6 @@ display = Display()
 
 
 class Conditional:
-
     '''
     This is a mix-in class, to be used with Base to allow the object
     to be run conditionally when a condition is met or skipped.
@@ -53,7 +47,7 @@ class Conditional:
                 raise AnsibleError("a loader must be specified when using Conditional() directly")
             else:
                 self._loader = loader
-        super(Conditional, self).__init__()
+        super().__init__()
 
     def _validate_when(self, attr, name, value):
         if not isinstance(value, list):
@@ -67,123 +61,55 @@ class Conditional:
         return self.evaluate_conditional_with_result(templar, all_vars)[0]
 
     def evaluate_conditional_with_result(self, templar: Templar, all_vars: dict[str, t.Any]) -> tuple[bool, t.Optional[str]]:
-        """
-        Loops through the conditionals set on this object, returning
+        """Loops through the conditionals set on this object, returning
         False if any of them evaluate as such as well as the condition
         that was false.
         """
-
-        # since this is a mix-in, it may not have an underlying datastructure
-        # associated with it, so we pull it out now in case we need it for
-        # error reporting below
-        ds = None
-        if hasattr(self, '_ds'):
-            ds = getattr(self, '_ds')
-
-        result = True
-        false_condition: t.Optional[str] = None
-        try:
-            for conditional in self.when:
-
-                # do evaluation
-                if conditional is None or conditional == '':
-                    res = True
-                elif isinstance(conditional, bool):
-                    res = conditional
-                else:
+        for conditional in self.when:
+            if conditional is None or conditional == "":
+                res = True
+            elif isinstance(conditional, bool):
+                res = conditional
+            else:
+                try:
                     res = self._check_conditional(conditional, templar, all_vars)
+                except AnsibleError as e:
+                    raise AnsibleError(
+                        "The conditional check '%s' failed. The error was: %s" % (to_native(conditional), to_native(e)),
+                        obj=getattr(self, '_ds', None)
+                    )
 
-                # only update if still true, preserve false
-                if result:
-                    result = res
-
-                display.debug("Evaluated conditional (%s): %s" % (conditional, res))
-                if not result:
-                    false_condition = conditional
-                    break
+            display.debug("Evaluated conditional (%s): %s" % (conditional, res))
+            if not res:
+                return res, conditional
 
-        except Exception as e:
-            raise AnsibleError("The conditional check '%s' failed. The error was: %s" % (to_native(conditional), to_native(e)), obj=ds)
-
-        return result, false_condition
-
-    def _check_conditional(self, conditional, templar, all_vars):
-        '''
-        This method does the low-level evaluation of each conditional
-        set on this object, using jinja2 to wrap the conditionals for
-        evaluation.
-        '''
+        return True, None
 
+    def _check_conditional(self, conditional: str, templar: Templar, all_vars: dict[str, t.Any]) -> bool:
         original = conditional
-
-        if templar.is_template(conditional):
-            display.warning('conditional statements should not include jinja2 '
-                            'templating delimiters such as {{ }} or {%% %%}. '
-                            'Found: %s' % conditional)
-
-        # make sure the templar is using the variables specified with this method
         templar.available_variables = all_vars
-
         try:
-            # if the conditional is "unsafe", disable lookups
+            if templar.is_template(conditional):
+                display.warning(
+                    "conditional statements should not include jinja2 "
+                    "templating delimiters such as {{ }} or {%% %%}. "
+                    "Found: %s" % conditional
+                )
+                conditional = templar.template(conditional)
+                if isinstance(conditional, bool):
+                    return conditional
+                elif conditional == "":
+                    return False
+
+            # If the result of the first-pass template render (to resolve inline templates) is marked unsafe,
+            # explicitly disable lookups on the final pass to prevent evaluation of untrusted content in the
+            # constructed template.
             disable_lookups = hasattr(conditional, '__UNSAFE__')
-            conditional = templar.template(conditional, disable_lookups=disable_lookups)
-
-            if not isinstance(conditional, text_type) or conditional == "":
-                return conditional
-
-            # update the lookups flag, as the string returned above may now be unsafe
-            # and we don't want future templating calls to do unsafe things
-            disable_lookups |= hasattr(conditional, '__UNSAFE__')
-
-            # First, we do some low-level jinja2 parsing involving the AST format of the
-            # statement to ensure we don't do anything unsafe (using the disable_lookup flag above)
-            class CleansingNodeVisitor(ast.NodeVisitor):
-                def generic_visit(self, node, inside_call=False, inside_yield=False):
-                    if isinstance(node, ast.Call):
-                        inside_call = True
-                    elif isinstance(node, ast.Yield):
-                        inside_yield = True
-                    elif isinstance(node, ast.Str):
-                        if disable_lookups:
-                            if inside_call and node.s.startswith("__"):
-                                # calling things with a dunder is generally bad at this point...
-                                raise AnsibleError(
-                                    "Invalid access found in the conditional: '%s'" % conditional
-                                )
-                            elif inside_yield:
-                                # we're inside a yield, so recursively parse and traverse the AST
-                                # of the result to catch forbidden syntax from executing
-                                parsed = ast.parse(node.s, mode='exec')
-                                cnv = CleansingNodeVisitor()
-                                cnv.visit(parsed)
-                    # iterate over all child nodes
-                    for child_node in ast.iter_child_nodes(node):
-                        self.generic_visit(
-                            child_node,
-                            inside_call=inside_call,
-                            inside_yield=inside_yield
-                        )
-            try:
-                res = templar.environment.parse(conditional, None, None)
-                res = generate(res, templar.environment, None, None)
-                parsed = ast.parse(res, mode='exec')
-
-                cnv = CleansingNodeVisitor()
-                cnv.visit(parsed)
-            except Exception as e:
-                raise AnsibleError("Invalid conditional detected: %s" % to_native(e))
-
-            # and finally we generate and template the presented string and look at the resulting string
+
             # NOTE The spaces around True and False are intentional to short-circuit literal_eval for
             #      jinja2_native=False and avoid its expensive calls.
-            presented = "{%% if %s %%} True {%% else %%} False {%% endif %%}" % conditional
-            val = templar.template(presented, disable_lookups=disable_lookups).strip()
-            if val == "True":
-                return True
-            elif val == "False":
-                return False
-            else:
-                raise AnsibleError("unable to evaluate conditional: %s" % original)
-        except (AnsibleUndefinedVariable, UndefinedError) as e:
+            return templar.template(
+                "{%% if %s %%} True {%% else %%} False {%% endif %%}" % conditional,
+                disable_lookups=disable_lookups).strip() == "True"
+        except AnsibleUndefinedVariable as e:
             raise AnsibleUndefinedVariable("error while evaluating conditional (%s): %s" % (original, e))