diff --git a/.drone.jsonnet b/.drone.jsonnet index 23b2219..6b6e729 100644 --- a/.drone.jsonnet +++ b/.drone.jsonnet @@ -17,7 +17,7 @@ local PythonVersion(pyversion='3.8') = { local AnsibleVersion(version='devel') = { local gitversion = if version == 'devel' then 'devel' else 'stable-' + version, name: 'ansible-' + std.strReplace(version, '.', ''), - image: 'python:3.9', + image: 'python:3.10', environment: { PY_COLORS: 1, }, @@ -106,8 +106,8 @@ local PipelineSanityTest = { }, steps: [ AnsibleVersion(version='devel'), + AnsibleVersion(version='2.15'), AnsibleVersion(version='2.14'), - AnsibleVersion(version='2.13'), ], depends_on: [ 'unit-test', diff --git a/.drone.yml b/.drone.yml index 8ab7723..9e74eaa 100644 --- a/.drone.yml +++ b/.drone.yml @@ -108,7 +108,7 @@ workspace: steps: - name: ansible-devel - image: python:3.9 + image: python:3.10 commands: - pip install poetry -qq - poetry install @@ -120,12 +120,12 @@ steps: depends_on: - clone - - name: ansible-214 - image: python:3.9 + - name: ansible-215 + image: python:3.10 commands: - pip install poetry -qq - poetry install - - poetry run pip install https://github.com/ansible/ansible/archive/stable-2.14.tar.gz --disable-pip-version-check + - poetry run pip install https://github.com/ansible/ansible/archive/stable-2.15.tar.gz --disable-pip-version-check - poetry run ansible --version - poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9 environment: @@ -133,12 +133,12 @@ steps: depends_on: - clone - - name: ansible-213 - image: python:3.9 + - name: ansible-214 + image: python:3.10 commands: - pip install poetry -qq - poetry install - - poetry run pip install https://github.com/ansible/ansible/archive/stable-2.13.tar.gz --disable-pip-version-check + - poetry run pip install https://github.com/ansible/ansible/archive/stable-2.14.tar.gz --disable-pip-version-check - poetry run ansible --version - poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9 environment: @@ -279,6 +279,6 @@ depends_on: --- kind: signature -hmac: 440b43b8ce15d152c7abdd936c77b25aeb978c5f63e7f7ac9895063afbdba384 +hmac: d60a76cb5820c26f16756634312756f06a51c55d81aad7e863c6925a43ae2346 ... diff --git a/plugins/doc_fragments/hashivault.py b/plugins/doc_fragments/hashivault.py new file mode 100644 index 0000000..d94dda5 --- /dev/null +++ b/plugins/doc_fragments/hashivault.py @@ -0,0 +1,107 @@ +# -*- coding: utf-8 -*- + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +"""Implement documentation fragment for Hashivault module.""" + +from __future__ import (absolute_import, division, print_function) + +__metaclass__ = type + + +class ModuleDocFragment: + # Standard documentation + DOCUMENTATION = r""" + requirements: + - hvac>=0.10.1 + - ansible>=2.0.0 + - requests + options: + url: + description: + - URL of the Vault server. + - You can use C(VAULT_ADDR) environment variable. + default: "" + type: str + ca_cert: + description: + - Path to a PEM-encoded CA cert file to use to verify the Vault server + TLS certificate. + - You can use C(VAULT_CACERT) environment variable. + default: "" + type: str + ca_path: + description: + - Path to a directory of PEM-encoded CA cert files to verify the Vault server + TLS certificate. If ca_cert is specified, its value will take precedence. + - You can use C(VAULT_CAPATH) environment variable. + default: "" + type: str + client_cert: + description: + - Path to a PEM-encoded client certificate for TLS authentication to the Vault + server. + - You can use C(VAULT_CLIENT_CERT) environment variable. + default: "" + type: str + client_key: + description: + - Path to an unencrypted PEM-encoded private key matching the client certificate. + - You can use C(VAULT_CLIENT_KEY) environment variable. + default: "" + type: str + verify: + description: + - If set, do not verify presented TLS certificate before communicating with Vault + server. Setting this variable is not recommended except during testing. + - You can use C(VAULT_SKIP_VERIFY) environment variable. + default: false + type: bool + authtype: + description: + - Authentication type. + - You can use C(VAULT_AUTHTYPE) environment variable. + default: "token" + type: str + choices: ["token", "userpass", "github", "ldap", "approle"] + login_mount_point: + description: + - Authentication mount point. + - You can use C(VAULT_LOGIN_MOUNT_POINT) environment variable. + type: str + token: + description: + - Token for vault. + - You can use C(VAULT_TOKEN) environment variable. + type: str + username: + description: + - Username to login to vault. + - You can use C(VAULT_USER) environment variable. + default: "" + type: str + password: + description: + - Password to login to vault. + - You can use C(VAULT_PASSWORD) environment variable. + type: str + role_id: + description: + - Role id for vault. + - You can use C(VAULT_ROLE_ID) environment variable. + type: str + secret_id: + description: + - Secret id for vault. + - You can use C(VAULT_SECRET_ID) environment variable. + type: str + aws_header: + description: + - X-Vault-AWS-IAM-Server-ID Header value to prevent replay attacks. + - You can use C(VAULT_AWS_HEADER) environment variable. + type: str + namespace: + description: + - Namespace for vault. + - You can use C(VAULT_NAMESPACE) environment variable. + type: str +"""