Compare commits
35 Commits
Author | SHA1 | Date | |
---|---|---|---|
ac6197d4ea | |||
0d6aa820f2 | |||
3430f7b35d | |||
0c6944bb1b | |||
cc5a102211 | |||
1d7240fff6 | |||
1acc16352b | |||
181dd5ce32 | |||
4331062148 | |||
fa92fd43ee | |||
8e11973364 | |||
d37d217a78 | |||
9226ab6209 | |||
14999b6f12 | |||
f8edc9269f | |||
dcf04af784 | |||
579a9713c1 | |||
cd2e86094d | |||
a3eb8800b0 | |||
cf36ca664a | |||
d1f6175719 | |||
22e6546396 | |||
1c62ad049e | |||
32a0d83997 | |||
05592c3dd1 | |||
d65b4d90ae | |||
85cd1071ca | |||
d941eb9150 | |||
31f657a3fa | |||
855860da0a | |||
87180e6f5e | |||
3942150d2f | |||
f685450037 | |||
af571cfb7f | |||
0aaf07547a |
@ -1,23 +0,0 @@
|
|||||||
# Changelog
|
|
||||||
|
|
||||||
{{ range .Versions -}}
|
|
||||||
## {{ if .Tag.Previous }}[{{ .Tag.Name }}]({{ $.Info.RepositoryURL }}/compare/{{ .Tag.Previous.Name }}...{{ .Tag.Name }}){{ else }}{{ .Tag.Name }}{{ end }} ({{ datetime "2006-01-02" .Tag.Date }})
|
|
||||||
|
|
||||||
{{ range .CommitGroups -}}
|
|
||||||
### {{ .Title }}
|
|
||||||
|
|
||||||
{{ range .Commits -}}
|
|
||||||
- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }}
|
|
||||||
{{ end }}
|
|
||||||
{{ end -}}
|
|
||||||
|
|
||||||
{{- if .NoteGroups -}}
|
|
||||||
{{ range .NoteGroups -}}
|
|
||||||
### {{ .Title }}
|
|
||||||
|
|
||||||
{{ range .Notes }}
|
|
||||||
{{ .Body }}
|
|
||||||
{{ end }}
|
|
||||||
{{ end -}}
|
|
||||||
{{ end -}}
|
|
||||||
{{ end -}}
|
|
@ -1,24 +0,0 @@
|
|||||||
style: github
|
|
||||||
template: CHANGELOG.tpl.md
|
|
||||||
info:
|
|
||||||
title: CHANGELOG
|
|
||||||
repository_url: https://gitea.rknet.org/ansible/xoxys.general
|
|
||||||
options:
|
|
||||||
commit_groups:
|
|
||||||
title_maps:
|
|
||||||
feat: Features
|
|
||||||
fix: Bug Fixes
|
|
||||||
perf: Performance Improvements
|
|
||||||
refactor: Code Refactoring
|
|
||||||
chore: Others
|
|
||||||
test: Testing
|
|
||||||
ci: CI Pipeline
|
|
||||||
header:
|
|
||||||
pattern: "^(\\w*)(?:\\(([\\w\\$\\.\\-\\*\\s]*)\\))?\\:\\s(.*)$"
|
|
||||||
pattern_maps:
|
|
||||||
- Type
|
|
||||||
- Scope
|
|
||||||
- Subject
|
|
||||||
notes:
|
|
||||||
keywords:
|
|
||||||
- BREAKING CHANGE
|
|
2
.dictionary
Normal file
2
.dictionary
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
Ansible
|
||||||
|
Kaussow
|
189
.drone.jsonnet
189
.drone.jsonnet
@ -1,189 +0,0 @@
|
|||||||
local PythonVersion(pyversion='3.6') = {
|
|
||||||
name: 'python' + std.strReplace(pyversion, '.', '') + '-pytest',
|
|
||||||
image: 'python:' + pyversion,
|
|
||||||
environment: {
|
|
||||||
PY_COLORS: 1,
|
|
||||||
},
|
|
||||||
commands: [
|
|
||||||
'pip install -r dev-requirements.txt -qq',
|
|
||||||
'pip install -r test/unit/requirements.txt -qq',
|
|
||||||
'python -m pytest --cov --cov-append --no-cov-on-fail',
|
|
||||||
],
|
|
||||||
depends_on: [
|
|
||||||
'clone',
|
|
||||||
],
|
|
||||||
};
|
|
||||||
|
|
||||||
local PipelineLint = {
|
|
||||||
kind: 'pipeline',
|
|
||||||
name: 'lint',
|
|
||||||
platform: {
|
|
||||||
os: 'linux',
|
|
||||||
arch: 'amd64',
|
|
||||||
},
|
|
||||||
steps: [
|
|
||||||
{
|
|
||||||
name: 'flake8',
|
|
||||||
image: 'python:3.9',
|
|
||||||
environment: {
|
|
||||||
PY_COLORS: 1,
|
|
||||||
},
|
|
||||||
commands: [
|
|
||||||
'pip install -r dev-requirements.txt -qq',
|
|
||||||
'flake8',
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
trigger: {
|
|
||||||
ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'],
|
|
||||||
},
|
|
||||||
};
|
|
||||||
|
|
||||||
local PipelineTest = {
|
|
||||||
kind: 'pipeline',
|
|
||||||
name: 'test',
|
|
||||||
platform: {
|
|
||||||
os: 'linux',
|
|
||||||
arch: 'amd64',
|
|
||||||
},
|
|
||||||
steps: [
|
|
||||||
PythonVersion(pyversion='3.6'),
|
|
||||||
PythonVersion(pyversion='3.7'),
|
|
||||||
PythonVersion(pyversion='3.8'),
|
|
||||||
PythonVersion(pyversion='3.9'),
|
|
||||||
],
|
|
||||||
depends_on: [
|
|
||||||
'lint',
|
|
||||||
],
|
|
||||||
trigger: {
|
|
||||||
ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'],
|
|
||||||
},
|
|
||||||
};
|
|
||||||
|
|
||||||
local PipelineBuild = {
|
|
||||||
kind: 'pipeline',
|
|
||||||
name: 'build',
|
|
||||||
platform: {
|
|
||||||
os: 'linux',
|
|
||||||
arch: 'amd64',
|
|
||||||
},
|
|
||||||
steps: [
|
|
||||||
{
|
|
||||||
name: 'build',
|
|
||||||
image: 'python:3.9',
|
|
||||||
commands: [
|
|
||||||
'GALAXY_VERSION=${DRONE_TAG##v}',
|
|
||||||
"sed -i 's/version: 0.0.0/version: '\"$${GALAXY_VERSION:-0.0.0}\"'/g' galaxy.yml",
|
|
||||||
'pip install ansible -qq',
|
|
||||||
'ansible-galaxy collection build --output-path dist/',
|
|
||||||
],
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: 'checksum',
|
|
||||||
image: 'alpine',
|
|
||||||
commands: [
|
|
||||||
'cd dist/ && sha256sum * > ../sha256sum.txt',
|
|
||||||
],
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: 'changelog',
|
|
||||||
image: 'thegeeklab/git-chglog',
|
|
||||||
commands: [
|
|
||||||
'git fetch -tq',
|
|
||||||
'git-chglog --no-color --no-emoji ${DRONE_TAG:---next-tag unreleased unreleased}',
|
|
||||||
'git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}',
|
|
||||||
],
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: 'publish-gitea',
|
|
||||||
image: 'plugins/gitea-release',
|
|
||||||
settings: {
|
|
||||||
overwrite: true,
|
|
||||||
api_key: { from_secret: 'gitea_token' },
|
|
||||||
files: ['dist/*', 'sha256sum.txt'],
|
|
||||||
base_url: 'https://gitea.rknet.org',
|
|
||||||
title: '${DRONE_TAG}',
|
|
||||||
note: 'CHANGELOG.md',
|
|
||||||
},
|
|
||||||
when: {
|
|
||||||
ref: ['refs/tags/**'],
|
|
||||||
},
|
|
||||||
},
|
|
||||||
],
|
|
||||||
depends_on: [
|
|
||||||
'test',
|
|
||||||
],
|
|
||||||
trigger: {
|
|
||||||
ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'],
|
|
||||||
},
|
|
||||||
};
|
|
||||||
|
|
||||||
local PipelineDocumentation = {
|
|
||||||
kind: 'pipeline',
|
|
||||||
name: 'documentation',
|
|
||||||
platform: {
|
|
||||||
os: 'linux',
|
|
||||||
arch: 'amd64',
|
|
||||||
},
|
|
||||||
steps: [
|
|
||||||
{
|
|
||||||
name: 'publish',
|
|
||||||
image: 'plugins/gh-pages',
|
|
||||||
settings: {
|
|
||||||
netrc_machine: 'gitea.rknet.org',
|
|
||||||
pages_directory: 'docs/',
|
|
||||||
password: {
|
|
||||||
from_secret: 'gitea_token',
|
|
||||||
},
|
|
||||||
remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}',
|
|
||||||
target_branch: 'docs',
|
|
||||||
username: {
|
|
||||||
from_secret: 'gitea_username',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
],
|
|
||||||
depends_on: [
|
|
||||||
'build',
|
|
||||||
],
|
|
||||||
trigger: {
|
|
||||||
ref: ['refs/heads/master', 'refs/tags/**'],
|
|
||||||
},
|
|
||||||
};
|
|
||||||
|
|
||||||
local PipelineNotifications = {
|
|
||||||
kind: 'pipeline',
|
|
||||||
name: 'notifications',
|
|
||||||
platform: {
|
|
||||||
os: 'linux',
|
|
||||||
arch: 'amd64',
|
|
||||||
},
|
|
||||||
steps: [
|
|
||||||
{
|
|
||||||
name: 'matrix',
|
|
||||||
image: 'plugins/matrix',
|
|
||||||
settings: {
|
|
||||||
homeserver: { from_secret: 'matrix_homeserver' },
|
|
||||||
roomid: { from_secret: 'matrix_roomid' },
|
|
||||||
template: 'Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}',
|
|
||||||
username: { from_secret: 'matrix_username' },
|
|
||||||
password: { from_secret: 'matrix_password' },
|
|
||||||
},
|
|
||||||
},
|
|
||||||
],
|
|
||||||
depends_on: [
|
|
||||||
'documentation',
|
|
||||||
],
|
|
||||||
trigger: {
|
|
||||||
ref: ['refs/heads/master', 'refs/tags/**'],
|
|
||||||
status: ['success', 'failure'],
|
|
||||||
},
|
|
||||||
};
|
|
||||||
|
|
||||||
[
|
|
||||||
PipelineLint,
|
|
||||||
PipelineTest,
|
|
||||||
PipelineBuild,
|
|
||||||
PipelineDocumentation,
|
|
||||||
PipelineNotifications,
|
|
||||||
]
|
|
206
.drone.yml
206
.drone.yml
@ -1,206 +0,0 @@
|
|||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: lint
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: flake8
|
|
||||||
image: python:3.9
|
|
||||||
commands:
|
|
||||||
- pip install -r dev-requirements.txt -qq
|
|
||||||
- flake8
|
|
||||||
environment:
|
|
||||||
PY_COLORS: 1
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
ref:
|
|
||||||
- refs/heads/master
|
|
||||||
- refs/tags/**
|
|
||||||
- refs/pull/**
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: test
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: python36-pytest
|
|
||||||
image: python:3.6
|
|
||||||
commands:
|
|
||||||
- pip install -r dev-requirements.txt -qq
|
|
||||||
- pip install -r test/unit/requirements.txt -qq
|
|
||||||
- python -m pytest --cov --cov-append --no-cov-on-fail
|
|
||||||
environment:
|
|
||||||
PY_COLORS: 1
|
|
||||||
depends_on:
|
|
||||||
- clone
|
|
||||||
|
|
||||||
- name: python37-pytest
|
|
||||||
image: python:3.7
|
|
||||||
commands:
|
|
||||||
- pip install -r dev-requirements.txt -qq
|
|
||||||
- pip install -r test/unit/requirements.txt -qq
|
|
||||||
- python -m pytest --cov --cov-append --no-cov-on-fail
|
|
||||||
environment:
|
|
||||||
PY_COLORS: 1
|
|
||||||
depends_on:
|
|
||||||
- clone
|
|
||||||
|
|
||||||
- name: python38-pytest
|
|
||||||
image: python:3.8
|
|
||||||
commands:
|
|
||||||
- pip install -r dev-requirements.txt -qq
|
|
||||||
- pip install -r test/unit/requirements.txt -qq
|
|
||||||
- python -m pytest --cov --cov-append --no-cov-on-fail
|
|
||||||
environment:
|
|
||||||
PY_COLORS: 1
|
|
||||||
depends_on:
|
|
||||||
- clone
|
|
||||||
|
|
||||||
- name: python39-pytest
|
|
||||||
image: python:3.9
|
|
||||||
commands:
|
|
||||||
- pip install -r dev-requirements.txt -qq
|
|
||||||
- pip install -r test/unit/requirements.txt -qq
|
|
||||||
- python -m pytest --cov --cov-append --no-cov-on-fail
|
|
||||||
environment:
|
|
||||||
PY_COLORS: 1
|
|
||||||
depends_on:
|
|
||||||
- clone
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
ref:
|
|
||||||
- refs/heads/master
|
|
||||||
- refs/tags/**
|
|
||||||
- refs/pull/**
|
|
||||||
|
|
||||||
depends_on:
|
|
||||||
- lint
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: build
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: build
|
|
||||||
image: python:3.9
|
|
||||||
commands:
|
|
||||||
- GALAXY_VERSION=${DRONE_TAG##v}
|
|
||||||
- "sed -i 's/version: 0.0.0/version: '\"$${GALAXY_VERSION:-0.0.0}\"'/g' galaxy.yml"
|
|
||||||
- pip install ansible -qq
|
|
||||||
- ansible-galaxy collection build --output-path dist/
|
|
||||||
|
|
||||||
- name: checksum
|
|
||||||
image: alpine
|
|
||||||
commands:
|
|
||||||
- cd dist/ && sha256sum * > ../sha256sum.txt
|
|
||||||
|
|
||||||
- name: changelog
|
|
||||||
image: thegeeklab/git-chglog
|
|
||||||
commands:
|
|
||||||
- git fetch -tq
|
|
||||||
- git-chglog --no-color --no-emoji ${DRONE_TAG:---next-tag unreleased unreleased}
|
|
||||||
- git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}
|
|
||||||
|
|
||||||
- name: publish-gitea
|
|
||||||
image: plugins/gitea-release
|
|
||||||
settings:
|
|
||||||
api_key:
|
|
||||||
from_secret: gitea_token
|
|
||||||
base_url: https://gitea.rknet.org
|
|
||||||
files:
|
|
||||||
- dist/*
|
|
||||||
- sha256sum.txt
|
|
||||||
note: CHANGELOG.md
|
|
||||||
overwrite: true
|
|
||||||
title: ${DRONE_TAG}
|
|
||||||
when:
|
|
||||||
ref:
|
|
||||||
- refs/tags/**
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
ref:
|
|
||||||
- refs/heads/master
|
|
||||||
- refs/tags/**
|
|
||||||
- refs/pull/**
|
|
||||||
|
|
||||||
depends_on:
|
|
||||||
- test
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: documentation
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: publish
|
|
||||||
image: plugins/gh-pages
|
|
||||||
settings:
|
|
||||||
netrc_machine: gitea.rknet.org
|
|
||||||
pages_directory: docs/
|
|
||||||
password:
|
|
||||||
from_secret: gitea_token
|
|
||||||
remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}
|
|
||||||
target_branch: docs
|
|
||||||
username:
|
|
||||||
from_secret: gitea_username
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
ref:
|
|
||||||
- refs/heads/master
|
|
||||||
- refs/tags/**
|
|
||||||
|
|
||||||
depends_on:
|
|
||||||
- build
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: notifications
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: matrix
|
|
||||||
image: plugins/matrix
|
|
||||||
settings:
|
|
||||||
homeserver:
|
|
||||||
from_secret: matrix_homeserver
|
|
||||||
password:
|
|
||||||
from_secret: matrix_password
|
|
||||||
roomid:
|
|
||||||
from_secret: matrix_roomid
|
|
||||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
|
|
||||||
username:
|
|
||||||
from_secret: matrix_username
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
ref:
|
|
||||||
- refs/heads/master
|
|
||||||
- refs/tags/**
|
|
||||||
status:
|
|
||||||
- success
|
|
||||||
- failure
|
|
||||||
|
|
||||||
depends_on:
|
|
||||||
- documentation
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: signature
|
|
||||||
hmac: 324dc2e7454b73282e8fe95124742fbb10274ac11595f8bd9349a5c9108890f7
|
|
||||||
|
|
||||||
...
|
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -108,3 +108,4 @@ docs/public/
|
|||||||
resources/_gen/
|
resources/_gen/
|
||||||
|
|
||||||
CHANGELOG.md
|
CHANGELOG.md
|
||||||
|
tests/output
|
||||||
|
47
.gitsv/config.yml
Normal file
47
.gitsv/config.yml
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
---
|
||||||
|
version: "1.1"
|
||||||
|
|
||||||
|
versioning:
|
||||||
|
update-major: []
|
||||||
|
update-minor: [feat]
|
||||||
|
update-patch: [fix, perf, refactor, chore, test, ci, docs]
|
||||||
|
|
||||||
|
tag:
|
||||||
|
pattern: "v%d.%d.%d"
|
||||||
|
|
||||||
|
release-notes:
|
||||||
|
sections:
|
||||||
|
- name: Features
|
||||||
|
commit-types: [feat]
|
||||||
|
section-type: commits
|
||||||
|
- name: Bug Fixes
|
||||||
|
commit-types: [fix]
|
||||||
|
section-type: commits
|
||||||
|
- name: Performance Improvements
|
||||||
|
commit-types: [perf]
|
||||||
|
section-type: commits
|
||||||
|
- name: Code Refactoring
|
||||||
|
commit-types: [refactor]
|
||||||
|
section-type: commits
|
||||||
|
- name: Others
|
||||||
|
commit-types: [chore]
|
||||||
|
section-type: commits
|
||||||
|
- name: Testing
|
||||||
|
commit-types: [test]
|
||||||
|
section-type: commits
|
||||||
|
- name: CI Pipeline
|
||||||
|
commit-types: [ci]
|
||||||
|
section-type: commits
|
||||||
|
- name: Documentation
|
||||||
|
commit-types: [docs]
|
||||||
|
section-type: commits
|
||||||
|
- name: Breaking Changes
|
||||||
|
section-type: breaking-changes
|
||||||
|
|
||||||
|
commit-message:
|
||||||
|
footer:
|
||||||
|
issue:
|
||||||
|
key: issue
|
||||||
|
add-value-prefix: "#"
|
||||||
|
issue:
|
||||||
|
regex: "#?[0-9]+"
|
7
.markdownlint.yml
Normal file
7
.markdownlint.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
default: True
|
||||||
|
MD013: False
|
||||||
|
MD041: False
|
||||||
|
MD024: False
|
||||||
|
MD004:
|
||||||
|
style: dash
|
2
.prettierignore
Normal file
2
.prettierignore
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
*.tpl.md
|
||||||
|
LICENSE
|
46
.woodpecker/build-package.yml
Normal file
46
.woodpecker/build-package.yml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
---
|
||||||
|
when:
|
||||||
|
- event: [pull_request, tag]
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: build
|
||||||
|
image: docker.io/library/python:3.12
|
||||||
|
commands:
|
||||||
|
- GALAXY_VERSION=${CI_COMMIT_TAG##v}
|
||||||
|
- 'sed -i ''s/version: 0.0.0/version: ''"$${GALAXY_VERSION:-0.0.0}"''/g'' galaxy.yml'
|
||||||
|
- pip install poetry -qq
|
||||||
|
- poetry install --all-extras --no-root
|
||||||
|
- poetry run ansible-galaxy collection build --output-path dist/
|
||||||
|
|
||||||
|
- name: checksum
|
||||||
|
image: quay.io/thegeeklab/alpine-tools
|
||||||
|
commands:
|
||||||
|
- cd dist/ && sha256sum * > ../sha256sum.txt
|
||||||
|
|
||||||
|
- name: changelog
|
||||||
|
image: quay.io/thegeeklab/git-sv
|
||||||
|
commands:
|
||||||
|
- git sv current-version
|
||||||
|
- git sv release-notes -t ${CI_COMMIT_TAG:-next} -o CHANGELOG.md
|
||||||
|
- cat CHANGELOG.md
|
||||||
|
|
||||||
|
- name: publish-gitea
|
||||||
|
image: quay.io/thegeeklab/wp-gitea-release
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: gitea_token
|
||||||
|
base_url: https://gitea.rknet.org
|
||||||
|
files:
|
||||||
|
- dist/*
|
||||||
|
- sha256sum.txt
|
||||||
|
note: CHANGELOG.md
|
||||||
|
title: ${CI_COMMIT_TAG}
|
||||||
|
when:
|
||||||
|
- event: [tag]
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- unit-test
|
||||||
|
- sanity-test
|
47
.woodpecker/docs.yml
Normal file
47
.woodpecker/docs.yml
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
---
|
||||||
|
when:
|
||||||
|
- event: [pull_request, tag]
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: markdownlint
|
||||||
|
image: quay.io/thegeeklab/markdownlint-cli
|
||||||
|
commands:
|
||||||
|
- markdownlint 'docs/**/*.md' 'README.md'
|
||||||
|
|
||||||
|
- name: spellcheck
|
||||||
|
image: quay.io/thegeeklab/alpine-tools
|
||||||
|
commands:
|
||||||
|
- spellchecker --files 'docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls frontmatter --frontmatter-keys title tags
|
||||||
|
environment:
|
||||||
|
FORCE_COLOR: "true"
|
||||||
|
|
||||||
|
- name: link-validation
|
||||||
|
image: docker.io/lycheeverse/lychee
|
||||||
|
commands:
|
||||||
|
- lychee --no-progress --format detailed docs/ README.md
|
||||||
|
|
||||||
|
- name: publish
|
||||||
|
image: quay.io/thegeeklab/wp-git-action
|
||||||
|
depends_on: [markdownlint, spellcheck, link-validation]
|
||||||
|
settings:
|
||||||
|
action:
|
||||||
|
- pages
|
||||||
|
author_email: shipper@rknet.org
|
||||||
|
author_name: shipper
|
||||||
|
branch: docs
|
||||||
|
message: auto-update documentation
|
||||||
|
netrc_machine: gitea.rknet.org
|
||||||
|
netrc_password:
|
||||||
|
from_secret: gitea_token
|
||||||
|
pages_directory: docs/
|
||||||
|
remote_url: https://gitea.rknet.org/ansible/${CI_REPO_NAME}
|
||||||
|
when:
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- build-package
|
25
.woodpecker/lint.yml
Normal file
25
.woodpecker/lint.yml
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
---
|
||||||
|
when:
|
||||||
|
- event: [pull_request, tag]
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: check-format
|
||||||
|
image: docker.io/library/python:3.12
|
||||||
|
commands:
|
||||||
|
- pip install poetry -qq
|
||||||
|
- poetry install --all-extras --no-root
|
||||||
|
- poetry run ruff format --check --diff ./plugins
|
||||||
|
environment:
|
||||||
|
PY_COLORS: "1"
|
||||||
|
|
||||||
|
- name: check-coding
|
||||||
|
image: docker.io/library/python:3.12
|
||||||
|
commands:
|
||||||
|
- pip install poetry -qq
|
||||||
|
- poetry install --all-extras --no-root
|
||||||
|
- poetry run ruff ./plugins
|
||||||
|
environment:
|
||||||
|
PY_COLORS: "1"
|
26
.woodpecker/notify.yml
Normal file
26
.woodpecker/notify.yml
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
---
|
||||||
|
when:
|
||||||
|
- event: [tag]
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
runs_on: [success, failure]
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: matrix
|
||||||
|
image: quay.io/thegeeklab/wp-matrix
|
||||||
|
settings:
|
||||||
|
homeserver:
|
||||||
|
from_secret: matrix_homeserver
|
||||||
|
room_id:
|
||||||
|
from_secret: matrix_room_id
|
||||||
|
user_id:
|
||||||
|
from_secret: matrix_user_id
|
||||||
|
access_token:
|
||||||
|
from_secret: matrix_access_token
|
||||||
|
when:
|
||||||
|
- status: [failure]
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- docs
|
45
.woodpecker/sanity-test.yml
Normal file
45
.woodpecker/sanity-test.yml
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
---
|
||||||
|
when:
|
||||||
|
- event: [pull_request, tag]
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
variables:
|
||||||
|
- &ansible_base
|
||||||
|
image: docker.io/library/python:3.11
|
||||||
|
depends_on: []
|
||||||
|
commands:
|
||||||
|
- pip install poetry -qq
|
||||||
|
- poetry install --all-extras --no-root
|
||||||
|
- poetry run pip install https://github.com/ansible/ansible/archive/$${ANSIBLE_VERSION}.tar.gz --disable-pip-version-check
|
||||||
|
- poetry run ansible --version
|
||||||
|
- poetry run ansible-test sanity --exclude .gitsv/ --exclude .woodpecker/ --python 3.11
|
||||||
|
- &ansible_env
|
||||||
|
PY_COLORS: "1"
|
||||||
|
|
||||||
|
workspace:
|
||||||
|
base: /woodpecker/src
|
||||||
|
path: ansible_collections/${CI_REPO_NAME/./\/}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: ansible-devel
|
||||||
|
<<: *ansible_base
|
||||||
|
environment:
|
||||||
|
ANSIBLE_VERSION: "devel"
|
||||||
|
<<: *ansible_env
|
||||||
|
|
||||||
|
- name: ansible-217
|
||||||
|
<<: *ansible_base
|
||||||
|
environment:
|
||||||
|
ANSIBLE_VERSION: "stable-2.17"
|
||||||
|
<<: *ansible_env
|
||||||
|
|
||||||
|
- name: ansible-216
|
||||||
|
<<: *ansible_base
|
||||||
|
environment:
|
||||||
|
ANSIBLE_VERSION: "stable-2.16"
|
||||||
|
<<: *ansible_env
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- lint
|
36
.woodpecker/unit-test.yml
Normal file
36
.woodpecker/unit-test.yml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
---
|
||||||
|
when:
|
||||||
|
- event: [pull_request, tag]
|
||||||
|
- event: [push, manual]
|
||||||
|
branch:
|
||||||
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
|
variables:
|
||||||
|
- &pytest_base
|
||||||
|
depends_on: []
|
||||||
|
commands:
|
||||||
|
- pip install poetry -qq
|
||||||
|
- poetry install --all-extras --no-root
|
||||||
|
- poetry run pytest
|
||||||
|
environment:
|
||||||
|
PY_COLORS: "1"
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: pyton-313
|
||||||
|
image: docker.io/library/python:3.13
|
||||||
|
<<: *pytest_base
|
||||||
|
|
||||||
|
- name: pyton-312
|
||||||
|
image: docker.io/library/python:3.12
|
||||||
|
<<: *pytest_base
|
||||||
|
|
||||||
|
- name: pyton-311
|
||||||
|
image: docker.io/library/python:3.11
|
||||||
|
<<: *pytest_base
|
||||||
|
|
||||||
|
- name: pyton-310
|
||||||
|
image: docker.io/library/python:3.10
|
||||||
|
<<: *pytest_base
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- lint
|
2
LICENSE
2
LICENSE
@ -1,6 +1,6 @@
|
|||||||
MIT License
|
MIT License
|
||||||
|
|
||||||
Copyright (c) 2020 Robert Kaussow <mail@thegeeklab.de>
|
Copyright (c) 2022 Robert Kaussow <mail@thegeeklab.de>
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
of this software and associated documentation files (the "Software"), to deal
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
10
README.md
10
README.md
@ -1,14 +1,10 @@
|
|||||||
# xoxys.general
|
# xoxys.general
|
||||||
|
|
||||||
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.general?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.general)
|
[![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.general/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.general)
|
||||||
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](LICENSE)
|
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.general/src/branch/main/LICENSE)
|
||||||
|
|
||||||
Custom general Ansible collection.
|
Custom general Ansible collection.
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
|
This project is licensed under the MIT License - see the [LICENSE](https://gitea.rknet.org/ansible/xoxys.general/src/branch/main/LICENSE) file for details.
|
||||||
|
|
||||||
## Maintainers and Contributors
|
|
||||||
|
|
||||||
[Robert Kaussow](https://gitea.rknet.org/xoxys)
|
|
||||||
|
@ -1,18 +0,0 @@
|
|||||||
pydocstyle
|
|
||||||
flake8
|
|
||||||
flake8-blind-except
|
|
||||||
flake8-builtins
|
|
||||||
flake8-docstrings
|
|
||||||
flake8-isort
|
|
||||||
flake8-logging-format
|
|
||||||
flake8-polyfill
|
|
||||||
flake8-quotes
|
|
||||||
flake8-pep3101
|
|
||||||
flake8-eradicate
|
|
||||||
pep8-naming
|
|
||||||
wheel
|
|
||||||
pytest
|
|
||||||
pytest-mock
|
|
||||||
pytest-cov
|
|
||||||
bandit
|
|
||||||
yapf
|
|
@ -6,5 +6,7 @@ geekdocFlatSection: true
|
|||||||
General custom content collection for Ansible.
|
General custom content collection for Ansible.
|
||||||
|
|
||||||
<!-- spellchecker-disable -->
|
<!-- spellchecker-disable -->
|
||||||
|
|
||||||
{{< toc-tree >}}
|
{{< toc-tree >}}
|
||||||
|
|
||||||
<!-- spellchecker-enable -->
|
<!-- spellchecker-enable -->
|
||||||
|
@ -14,6 +14,7 @@ my_list:
|
|||||||
```
|
```
|
||||||
|
|
||||||
Or pass a custom prefix:
|
Or pass a custom prefix:
|
||||||
|
|
||||||
```Yaml
|
```Yaml
|
||||||
my_list:
|
my_list:
|
||||||
- item1
|
- item1
|
||||||
|
@ -14,6 +14,7 @@ my_list:
|
|||||||
```
|
```
|
||||||
|
|
||||||
Or pass a custom wrapper:
|
Or pass a custom wrapper:
|
||||||
|
|
||||||
```Yaml
|
```Yaml
|
||||||
my_list:
|
my_list:
|
||||||
- item1
|
- item1
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
namespace: xoxys
|
namespace: xoxys
|
||||||
name: general
|
name: general
|
||||||
# The version is generated during the release by Drone CI.
|
# The version is generated during the release by Woocpecker CI.
|
||||||
version: 0.0.0
|
version: 0.0.0
|
||||||
readme: README.md
|
readme: README.md
|
||||||
authors:
|
authors:
|
||||||
|
107
plugins/doc_fragments/hashivault.py
Normal file
107
plugins/doc_fragments/hashivault.py
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
"""Implement documentation fragment for Hashivault module."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
|
||||||
|
class ModuleDocFragment: # noqa
|
||||||
|
# Standard documentation
|
||||||
|
DOCUMENTATION = r"""
|
||||||
|
requirements:
|
||||||
|
- hvac>=0.10.1
|
||||||
|
- ansible>=2.0.0
|
||||||
|
- requests
|
||||||
|
options:
|
||||||
|
url:
|
||||||
|
description:
|
||||||
|
- URL of the Vault server.
|
||||||
|
- You can use C(VAULT_ADDR) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
ca_cert:
|
||||||
|
description:
|
||||||
|
- Path to a PEM-encoded CA cert file to use to verify the Vault server
|
||||||
|
TLS certificate.
|
||||||
|
- You can use C(VAULT_CACERT) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
ca_path:
|
||||||
|
description:
|
||||||
|
- Path to a directory of PEM-encoded CA cert files to verify the Vault server
|
||||||
|
TLS certificate. If ca_cert is specified, its value will take precedence.
|
||||||
|
- You can use C(VAULT_CAPATH) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
client_cert:
|
||||||
|
description:
|
||||||
|
- Path to a PEM-encoded client certificate for TLS authentication to the Vault
|
||||||
|
server.
|
||||||
|
- You can use C(VAULT_CLIENT_CERT) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
client_key:
|
||||||
|
description:
|
||||||
|
- Path to an unencrypted PEM-encoded private key matching the client certificate.
|
||||||
|
- You can use C(VAULT_CLIENT_KEY) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
verify:
|
||||||
|
description:
|
||||||
|
- If set, do not verify presented TLS certificate before communicating with Vault
|
||||||
|
server. Setting this variable is not recommended except during testing.
|
||||||
|
- You can use C(VAULT_SKIP_VERIFY) environment variable.
|
||||||
|
default: false
|
||||||
|
type: bool
|
||||||
|
authtype:
|
||||||
|
description:
|
||||||
|
- Authentication type.
|
||||||
|
- You can use C(VAULT_AUTHTYPE) environment variable.
|
||||||
|
default: "token"
|
||||||
|
type: str
|
||||||
|
choices: ["token", "userpass", "github", "ldap", "approle"]
|
||||||
|
login_mount_point:
|
||||||
|
description:
|
||||||
|
- Authentication mount point.
|
||||||
|
- You can use C(VAULT_LOGIN_MOUNT_POINT) environment variable.
|
||||||
|
type: str
|
||||||
|
token:
|
||||||
|
description:
|
||||||
|
- Token for vault.
|
||||||
|
- You can use C(VAULT_TOKEN) environment variable.
|
||||||
|
type: str
|
||||||
|
username:
|
||||||
|
description:
|
||||||
|
- Username to login to vault.
|
||||||
|
- You can use C(VAULT_USER) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
password:
|
||||||
|
description:
|
||||||
|
- Password to login to vault.
|
||||||
|
- You can use C(VAULT_PASSWORD) environment variable.
|
||||||
|
type: str
|
||||||
|
role_id:
|
||||||
|
description:
|
||||||
|
- Role id for vault.
|
||||||
|
- You can use C(VAULT_ROLE_ID) environment variable.
|
||||||
|
type: str
|
||||||
|
secret_id:
|
||||||
|
description:
|
||||||
|
- Secret id for vault.
|
||||||
|
- You can use C(VAULT_SECRET_ID) environment variable.
|
||||||
|
type: str
|
||||||
|
aws_header:
|
||||||
|
description:
|
||||||
|
- X-Vault-AWS-IAM-Server-ID Header value to prevent replay attacks.
|
||||||
|
- You can use C(VAULT_AWS_HEADER) environment variable.
|
||||||
|
type: str
|
||||||
|
namespace:
|
||||||
|
description:
|
||||||
|
- Namespace for vault.
|
||||||
|
- You can use C(VAULT_NAMESPACE) environment variable.
|
||||||
|
type: str
|
||||||
|
"""
|
@ -1,11 +1,14 @@
|
|||||||
"""Filter to prefix all itams from a list."""
|
"""Filter to prefix all itams from a list."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
|
||||||
def prefix(value, prefix="--"):
|
def prefix(value, prefix="--"):
|
||||||
return [prefix + x for x in value]
|
return [prefix + x for x in value]
|
||||||
|
|
||||||
|
|
||||||
class FilterModule(object):
|
class FilterModule(object): # noqa
|
||||||
|
|
||||||
def filters(self):
|
def filters(self):
|
||||||
return {"prefix": prefix}
|
return {"prefix": prefix}
|
||||||
|
@ -1,11 +1,14 @@
|
|||||||
"""Filter to wrap all items from a list."""
|
"""Filter to wrap all items from a list."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
|
||||||
def wrap(value, wrapper="'"):
|
def wrap(value, wrapper="'"):
|
||||||
return [wrapper + x + wrapper for x in value]
|
return [wrapper + x + wrapper for x in value]
|
||||||
|
|
||||||
|
|
||||||
class FilterModule(object):
|
class FilterModule(object): # noqa
|
||||||
|
|
||||||
def filters(self):
|
def filters(self):
|
||||||
return {"wrap": wrap}
|
return {"wrap": wrap}
|
||||||
|
@ -1,4 +1,3 @@
|
|||||||
# -*- coding: utf-8 -*-
|
|
||||||
# Copyright (c) 2014, Mathieu GAUTHIER-LAFAYE <gauthierl@lapth.cnrs.fr>
|
# Copyright (c) 2014, Mathieu GAUTHIER-LAFAYE <gauthierl@lapth.cnrs.fr>
|
||||||
# Copyright (c) 2016, Matt Harris <matthaeus.harris@gmail.com>
|
# Copyright (c) 2016, Matt Harris <matthaeus.harris@gmail.com>
|
||||||
# Copyright (c) 2020, Robert Kaussow <mail@thegeeklab.de>
|
# Copyright (c) 2020, Robert Kaussow <mail@thegeeklab.de>
|
||||||
@ -10,43 +9,58 @@ from __future__ import absolute_import, division, print_function
|
|||||||
__metaclass__ = type
|
__metaclass__ = type
|
||||||
|
|
||||||
DOCUMENTATION = """
|
DOCUMENTATION = """
|
||||||
name: proxmox
|
---
|
||||||
plugin_type: inventory
|
name: proxmox
|
||||||
short_description: Proxmox VE inventory source
|
short_description: Proxmox VE inventory source
|
||||||
version_added: 1.0.0
|
version_added: 1.1.0
|
||||||
description:
|
description:
|
||||||
- Get inventory hosts from the proxmox service.
|
- Get inventory hosts from the proxmox service.
|
||||||
- "Uses a configuration file as an inventory source, it must end in C(.proxmox.yml) or C(.proxmox.yaml) and has a C(plugin: xoxys.general.proxmox) entry."
|
- "Uses a configuration file as an inventory source, it must end in C(.proxmox.yml) or C(.proxmox.yaml) and has a C(plugin: xoxys.general.proxmox) entry."
|
||||||
extends_documentation_fragment:
|
extends_documentation_fragment:
|
||||||
- inventory_cache
|
- inventory_cache
|
||||||
options:
|
options:
|
||||||
plugin:
|
plugin:
|
||||||
description: The name of this plugin, it should always be set to C(xoxys.general.proxmox) for this plugin to recognize it as it's own.
|
description: The name of this plugin, it should always be set to C(xoxys.general.proxmox) for this plugin to recognize it as it's own.
|
||||||
required: yes
|
required: yes
|
||||||
choices: ["xoxys.general.proxmox"]
|
choices: ["xoxys.general.proxmox"]
|
||||||
server:
|
api_host:
|
||||||
description: Proxmox VE server url.
|
description:
|
||||||
default: "pve.example.com"
|
- Specify the target host of the Proxmox VE cluster.
|
||||||
type: string
|
type: str
|
||||||
required: yes
|
required: true
|
||||||
env:
|
env:
|
||||||
- name: PROXMOX_SERVER
|
- name: PROXMOX_SERVER
|
||||||
user:
|
api_user:
|
||||||
description: Proxmox VE authentication user.
|
description:
|
||||||
type: string
|
- Specify the user to authenticate with.
|
||||||
required: yes
|
type: str
|
||||||
|
required: true
|
||||||
env:
|
env:
|
||||||
- name: PROXMOX_USER
|
- name: PROXMOX_USER
|
||||||
password:
|
api_password:
|
||||||
description: Proxmox VE authentication password.
|
description:
|
||||||
type: string
|
- Specify the password to authenticate with.
|
||||||
required: yes
|
type: str
|
||||||
env:
|
env:
|
||||||
- name: PROXMOX_PASSWORD
|
- name: PROXMOX_PASSWORD
|
||||||
|
api_token_id:
|
||||||
|
description:
|
||||||
|
- Specify the token ID.
|
||||||
|
type: str
|
||||||
|
env:
|
||||||
|
- name: PROXMOX_TOKEN_ID
|
||||||
|
api_token_secret:
|
||||||
|
description:
|
||||||
|
- Specify the token secret.
|
||||||
|
type: str
|
||||||
|
env:
|
||||||
|
- name: PROXMOX_TOKEN_SECRET
|
||||||
verify_ssl:
|
verify_ssl:
|
||||||
description: Skip SSL certificate verification.
|
description:
|
||||||
type: boolean
|
- If C(false), SSL certificates will not be validated.
|
||||||
default: yes
|
- This should only be used on personally controlled sites using self-signed certificates.
|
||||||
|
type: bool
|
||||||
|
default: True
|
||||||
auth_timeout:
|
auth_timeout:
|
||||||
description: Proxmox VE authentication timeout.
|
description: Proxmox VE authentication timeout.
|
||||||
type: int
|
type: int
|
||||||
@ -68,46 +82,73 @@ DOCUMENTATION = """
|
|||||||
want_facts:
|
want_facts:
|
||||||
description: Toggle, if C(true) the plugin will retrieve host facts from the server
|
description: Toggle, if C(true) the plugin will retrieve host facts from the server
|
||||||
type: boolean
|
type: boolean
|
||||||
default: yes
|
default: True
|
||||||
|
requirements:
|
||||||
|
- "proxmoxer"
|
||||||
""" # noqa
|
""" # noqa
|
||||||
|
|
||||||
EXAMPLES = """
|
EXAMPLES = """
|
||||||
# proxmox.yml
|
# proxmox.yml
|
||||||
plugin: xoxys.general.proxmox
|
plugin: xoxys.general.proxmox
|
||||||
server: pve.example.com
|
api_user: root@pam
|
||||||
user: admin@pve
|
api_password: secret
|
||||||
password: secure
|
api_host: helldorado
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import json
|
import json
|
||||||
import re
|
import re
|
||||||
import socket
|
import socket
|
||||||
|
from collections import defaultdict
|
||||||
|
|
||||||
from ansible.errors import AnsibleError
|
from ansible.errors import AnsibleError
|
||||||
from ansible.module_utils._text import to_native
|
from ansible.module_utils._text import to_native
|
||||||
from ansible.module_utils.parsing.convert_bool import boolean
|
from ansible.module_utils.parsing.convert_bool import boolean
|
||||||
from ansible.module_utils.six import iteritems
|
from ansible.module_utils.six import iteritems
|
||||||
from ansible.plugins.inventory import BaseInventoryPlugin
|
from ansible.plugins.inventory import BaseInventoryPlugin
|
||||||
from collections import defaultdict
|
from ansible_collections.xoxys.general.plugins.module_utils.version import LooseVersion
|
||||||
from distutils.version import LooseVersion
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
from proxmoxer import ProxmoxAPI
|
from proxmoxer import ProxmoxAPI
|
||||||
|
|
||||||
HAS_PROXMOXER = True
|
HAS_PROXMOXER = True
|
||||||
except ImportError:
|
except ImportError:
|
||||||
HAS_PROXMOXER = False
|
HAS_PROXMOXER = False
|
||||||
|
|
||||||
|
try:
|
||||||
|
from requests.packages import urllib3
|
||||||
|
|
||||||
|
HAS_URLLIB3 = True
|
||||||
|
except ImportError:
|
||||||
|
try:
|
||||||
|
import urllib3
|
||||||
|
|
||||||
|
HAS_URLLIB3 = True
|
||||||
|
except ImportError:
|
||||||
|
HAS_URLLIB3 = False
|
||||||
|
|
||||||
|
|
||||||
class InventoryModule(BaseInventoryPlugin):
|
class InventoryModule(BaseInventoryPlugin):
|
||||||
|
"""Provide Proxmox VE inventory."""
|
||||||
|
|
||||||
NAME = "xoxys.general.proxmox"
|
NAME = "xoxys.general.proxmox"
|
||||||
|
|
||||||
def _auth(self):
|
def _proxmox_auth(self):
|
||||||
return ProxmoxAPI(
|
auth_args = {"user": self.get_option("api_user")}
|
||||||
self.get_option("server"),
|
if not (self.get_option("api_token_id") and self.get_option("api_token_secret")):
|
||||||
user=self.get_option("user"),
|
auth_args["password"] = self.get_option("api_password")
|
||||||
password=self.get_option("password"),
|
else:
|
||||||
verify_ssl=boolean(self.get_option("password"), strict=False),
|
auth_args["token_name"] = self.get_option("api_token_id")
|
||||||
timeout=self.get_option("auth_timeout")
|
auth_args["token_value"] = self.get_option("api_token_secret")
|
||||||
|
|
||||||
|
verify_ssl = boolean(self.get_option("verify_ssl"), strict=False)
|
||||||
|
if not verify_ssl and HAS_URLLIB3:
|
||||||
|
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
|
||||||
|
|
||||||
|
self.client = ProxmoxAPI(
|
||||||
|
self.get_option("api_host"),
|
||||||
|
verify_ssl=verify_ssl,
|
||||||
|
timeout=self.get_option("auth_timeout"),
|
||||||
|
**auth_args,
|
||||||
)
|
)
|
||||||
|
|
||||||
def _get_version(self):
|
def _get_version(self):
|
||||||
@ -117,14 +158,12 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
return LooseVersion(self.client.version.get()["release"])
|
return LooseVersion(self.client.version.get()["release"])
|
||||||
|
|
||||||
def _get_names(self, pve_list, pve_type):
|
def _get_names(self, pve_list, pve_type):
|
||||||
names = []
|
|
||||||
|
|
||||||
if pve_type == "node":
|
if pve_type == "node":
|
||||||
names = [node["node"] for node in pve_list]
|
return [node["node"] for node in pve_list]
|
||||||
elif pve_type == "pool":
|
if pve_type == "pool":
|
||||||
names = [pool["poolid"] for pool in pve_list]
|
return [pool["poolid"] for pool in pve_list]
|
||||||
|
|
||||||
return names
|
return []
|
||||||
|
|
||||||
def _get_variables(self, pve_list, pve_type):
|
def _get_variables(self, pve_list, pve_type):
|
||||||
variables = {}
|
variables = {}
|
||||||
@ -139,15 +178,12 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
return variables
|
return variables
|
||||||
|
|
||||||
def _get_ip_address(self, pve_type, pve_node, vmid):
|
def _get_ip_address(self, pve_type, pve_node, vmid):
|
||||||
|
|
||||||
def validate(address):
|
def validate(address):
|
||||||
try:
|
try:
|
||||||
# IP address validation
|
# IP address validation
|
||||||
if socket.inet_aton(address):
|
if socket.inet_aton(address) and address != "127.0.0.1":
|
||||||
# Ignore localhost
|
|
||||||
if address != "127.0.0.1":
|
|
||||||
return address
|
return address
|
||||||
except socket.error:
|
except OSError:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
address = False
|
address = False
|
||||||
@ -159,19 +195,18 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
networks = self.client.nodes(pve_node).get(
|
networks = self.client.nodes(pve_node).get(
|
||||||
"qemu", vmid, "agent", "network-get-interfaces"
|
"qemu", vmid, "agent", "network-get-interfaces"
|
||||||
)["result"]
|
)["result"]
|
||||||
except Exception:
|
except Exception: # noqa
|
||||||
pass
|
pass
|
||||||
|
|
||||||
if networks:
|
if networks and isinstance(networks, list):
|
||||||
if type(networks) is list:
|
|
||||||
for network in networks:
|
for network in networks:
|
||||||
for ip_address in network["ip-addresses"]:
|
for ip_address in network.get("ip-addresses", []):
|
||||||
address = validate(ip_address["ip-address"])
|
address = validate(ip_address["ip-address"])
|
||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
config = self.client.nodes(pve_node).get(pve_type, vmid, "config")
|
config = self.client.nodes(pve_node).get(pve_type, vmid, "config")
|
||||||
address = re.search(r"ip=(\d*\.\d*\.\d*\.\d*)", config["net0"]).group(1)
|
address = re.search(r"ip=(\d*\.\d*\.\d*\.\d*)", config["net0"]).group(1)
|
||||||
except Exception:
|
except Exception: # noqa
|
||||||
pass
|
pass
|
||||||
|
|
||||||
return address
|
return address
|
||||||
@ -197,8 +232,8 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
try:
|
try:
|
||||||
qemu_list = self._exclude(self.client.nodes(node).qemu.get())
|
qemu_list = self._exclude(self.client.nodes(node).qemu.get())
|
||||||
container_list = self._exclude(self.client.nodes(node).lxc.get())
|
container_list = self._exclude(self.client.nodes(node).lxc.get())
|
||||||
except Exception as e:
|
except Exception as e: # noqa
|
||||||
raise AnsibleError("Proxmoxer API error: {0}".format(to_native(e)))
|
raise AnsibleError(f"Proxmoxer API error: {to_native(e)}") from e
|
||||||
|
|
||||||
# Merge QEMU and Containers lists from this node
|
# Merge QEMU and Containers lists from this node
|
||||||
instances = self._get_variables(qemu_list, "qemu").copy()
|
instances = self._get_variables(qemu_list, "qemu").copy()
|
||||||
@ -213,12 +248,13 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
pve_type = "qemu"
|
pve_type = "qemu"
|
||||||
|
|
||||||
try:
|
try:
|
||||||
description = self.client.nodes(node).get(pve_type, vmid,
|
description = self.client.nodes(node).get(pve_type, vmid, "config")[
|
||||||
"config")["description"]
|
"description"
|
||||||
|
]
|
||||||
except KeyError:
|
except KeyError:
|
||||||
description = None
|
description = None
|
||||||
except Exception as e:
|
except Exception as e: # noqa
|
||||||
raise AnsibleError("Proxmoxer API error: {0}".format(to_native(e)))
|
raise AnsibleError(f"Proxmoxer API error: {to_native(e)}") from e
|
||||||
|
|
||||||
try:
|
try:
|
||||||
metadata = json.loads(description)
|
metadata = json.loads(description)
|
||||||
@ -252,8 +288,8 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
for pool in self._get_names(self.client.pools.get(), "pool"):
|
for pool in self._get_names(self.client.pools.get(), "pool"):
|
||||||
try:
|
try:
|
||||||
pool_list = self._exclude(self.client.pool(pool).get()["members"])
|
pool_list = self._exclude(self.client.pool(pool).get()["members"])
|
||||||
except Exception as e:
|
except Exception as e: # noqa
|
||||||
raise AnsibleError("Proxmoxer API error: {0}".format(to_native(e)))
|
raise AnsibleError(f"Proxmoxer API error: {to_native(e)}") from e
|
||||||
|
|
||||||
members = [
|
members = [
|
||||||
member["name"]
|
member["name"]
|
||||||
@ -266,13 +302,13 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
|
|
||||||
def verify_file(self, path):
|
def verify_file(self, path):
|
||||||
"""Verify the Proxmox VE configuration file."""
|
"""Verify the Proxmox VE configuration file."""
|
||||||
if super(InventoryModule, self).verify_file(path):
|
if super().verify_file(path):
|
||||||
endings = ("proxmox.yaml", "proxmox.yml")
|
endings = ("proxmox.yaml", "proxmox.yml")
|
||||||
if any((path.endswith(ending) for ending in endings)):
|
if any(path.endswith(ending) for ending in endings):
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def parse(self, inventory, loader, path, cache=True):
|
def parse(self, inventory, loader, path, cache=True): # noqa
|
||||||
"""Dynamically parse the Proxmox VE cloud inventory."""
|
"""Dynamically parse the Proxmox VE cloud inventory."""
|
||||||
if not HAS_PROXMOXER:
|
if not HAS_PROXMOXER:
|
||||||
raise AnsibleError(
|
raise AnsibleError(
|
||||||
@ -280,8 +316,8 @@ class InventoryModule(BaseInventoryPlugin):
|
|||||||
"https://pypi.org/project/proxmoxer/"
|
"https://pypi.org/project/proxmoxer/"
|
||||||
)
|
)
|
||||||
|
|
||||||
super(InventoryModule, self).parse(inventory, loader, path)
|
super().parse(inventory, loader, path)
|
||||||
|
|
||||||
self._read_config_data(path)
|
self._read_config_data(path)
|
||||||
self.client = self._auth()
|
self._proxmox_auth()
|
||||||
self._propagate()
|
self._propagate()
|
||||||
|
402
plugins/module_utils/hashivault.py
Normal file
402
plugins/module_utils/hashivault.py
Normal file
@ -0,0 +1,402 @@
|
|||||||
|
"""Provide helper functions for Hashivault module."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
import os
|
||||||
|
import traceback
|
||||||
|
|
||||||
|
from ansible.module_utils.basic import missing_required_lib
|
||||||
|
from ansible.module_utils.basic import AnsibleModule
|
||||||
|
from ansible.module_utils.basic import env_fallback
|
||||||
|
|
||||||
|
HVAC_IMP_ERR = None
|
||||||
|
try:
|
||||||
|
import hvac
|
||||||
|
from hvac.exceptions import InvalidPath
|
||||||
|
|
||||||
|
HAS_HVAC = True
|
||||||
|
except ImportError:
|
||||||
|
HAS_HVAC = False
|
||||||
|
HVAC_IMP_ERR = traceback.format_exc()
|
||||||
|
|
||||||
|
|
||||||
|
def hashivault_argspec():
|
||||||
|
return dict(
|
||||||
|
url=dict(required=False, default=os.environ.get("VAULT_ADDR", ""), type="str"),
|
||||||
|
ca_cert=dict(required=False, default=os.environ.get("VAULT_CACERT", ""), type="str"),
|
||||||
|
ca_path=dict(required=False, default=os.environ.get("VAULT_CAPATH", ""), type="str"),
|
||||||
|
client_cert=dict(
|
||||||
|
required=False, default=os.environ.get("VAULT_CLIENT_CERT", ""), type="str"
|
||||||
|
),
|
||||||
|
client_key=dict(
|
||||||
|
required=False, default=os.environ.get("VAULT_CLIENT_KEY", ""), type="str", no_log=True
|
||||||
|
),
|
||||||
|
verify=dict(
|
||||||
|
required=False, default=(not os.environ.get("VAULT_SKIP_VERIFY", "False")), type="bool"
|
||||||
|
),
|
||||||
|
authtype=dict(
|
||||||
|
required=False,
|
||||||
|
default=os.environ.get("VAULT_AUTHTYPE", "token"),
|
||||||
|
type="str",
|
||||||
|
choices=["token", "userpass", "github", "ldap", "approle"],
|
||||||
|
),
|
||||||
|
login_mount_point=dict(
|
||||||
|
required=False, default=os.environ.get("VAULT_LOGIN_MOUNT_POINT", None), type="str"
|
||||||
|
),
|
||||||
|
token=dict(
|
||||||
|
required=False,
|
||||||
|
fallback=(hashivault_default_token, ["VAULT_TOKEN"]),
|
||||||
|
type="str",
|
||||||
|
no_log=True,
|
||||||
|
),
|
||||||
|
username=dict(required=False, default=os.environ.get("VAULT_USER", ""), type="str"),
|
||||||
|
password=dict(
|
||||||
|
required=False, fallback=(env_fallback, ["VAULT_PASSWORD"]), type="str", no_log=True
|
||||||
|
),
|
||||||
|
role_id=dict(
|
||||||
|
required=False, fallback=(env_fallback, ["VAULT_ROLE_ID"]), type="str", no_log=True
|
||||||
|
),
|
||||||
|
secret_id=dict(
|
||||||
|
required=False, fallback=(env_fallback, ["VAULT_SECRET_ID"]), type="str", no_log=True
|
||||||
|
),
|
||||||
|
aws_header=dict(
|
||||||
|
required=False, fallback=(env_fallback, ["VAULT_AWS_HEADER"]), type="str", no_log=True
|
||||||
|
),
|
||||||
|
namespace=dict(
|
||||||
|
required=False, default=os.environ.get("VAULT_NAMESPACE", None), type="str"
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def hashivault_init(
|
||||||
|
argument_spec,
|
||||||
|
supports_check_mode=False,
|
||||||
|
required_if=None,
|
||||||
|
required_together=None,
|
||||||
|
required_one_of=None,
|
||||||
|
mutually_exclusive=None,
|
||||||
|
):
|
||||||
|
module = AnsibleModule(
|
||||||
|
argument_spec=argument_spec,
|
||||||
|
supports_check_mode=supports_check_mode,
|
||||||
|
required_if=required_if,
|
||||||
|
required_together=required_together,
|
||||||
|
required_one_of=required_one_of,
|
||||||
|
mutually_exclusive=mutually_exclusive,
|
||||||
|
)
|
||||||
|
|
||||||
|
if not HAS_HVAC:
|
||||||
|
module.fail_json(msg=missing_required_lib("hvac"), exception=HVAC_IMP_ERR)
|
||||||
|
|
||||||
|
module.no_log_values.discard("0")
|
||||||
|
module.no_log_values.discard(0)
|
||||||
|
module.no_log_values.discard("1")
|
||||||
|
module.no_log_values.discard(1)
|
||||||
|
module.no_log_values.discard(True)
|
||||||
|
module.no_log_values.discard(False)
|
||||||
|
module.no_log_values.discard("ttl")
|
||||||
|
|
||||||
|
return module
|
||||||
|
|
||||||
|
|
||||||
|
def hashivault_client(params):
|
||||||
|
url = params.get("url")
|
||||||
|
ca_cert = params.get("ca_cert")
|
||||||
|
ca_path = params.get("ca_path")
|
||||||
|
client_cert = params.get("client_cert")
|
||||||
|
client_key = params.get("client_key")
|
||||||
|
cert = (client_cert, client_key)
|
||||||
|
check_verify = params.get("verify")
|
||||||
|
namespace = params.get("namespace", None)
|
||||||
|
|
||||||
|
if check_verify == "" or check_verify:
|
||||||
|
if ca_cert:
|
||||||
|
verify = ca_cert
|
||||||
|
elif ca_path:
|
||||||
|
verify = ca_path
|
||||||
|
else:
|
||||||
|
verify = check_verify
|
||||||
|
else:
|
||||||
|
verify = check_verify
|
||||||
|
|
||||||
|
return hvac.Client(url=url, cert=cert, verify=verify, namespace=namespace)
|
||||||
|
|
||||||
|
|
||||||
|
def hashivault_auth(client, params):
|
||||||
|
token = params.get("token")
|
||||||
|
authtype = params.get("authtype")
|
||||||
|
login_mount_point = params.get("login_mount_point", authtype)
|
||||||
|
if not login_mount_point:
|
||||||
|
login_mount_point = authtype
|
||||||
|
username = params.get("username")
|
||||||
|
password = params.get("password")
|
||||||
|
secret_id = params.get("secret_id")
|
||||||
|
role_id = params.get("role_id")
|
||||||
|
|
||||||
|
if authtype == "github":
|
||||||
|
client.auth.github.login(token, mount_point=login_mount_point)
|
||||||
|
elif authtype == "userpass":
|
||||||
|
client.auth_userpass(username, password, mount_point=login_mount_point)
|
||||||
|
elif authtype == "ldap":
|
||||||
|
client.auth.ldap.login(username, password, mount_point=login_mount_point)
|
||||||
|
elif authtype == "approle":
|
||||||
|
client = AppRoleClient(client, role_id, secret_id, mount_point=login_mount_point)
|
||||||
|
elif authtype == "tls":
|
||||||
|
client.auth_tls()
|
||||||
|
else:
|
||||||
|
client.token = token
|
||||||
|
return client
|
||||||
|
|
||||||
|
|
||||||
|
def hashivault_auth_client(params):
|
||||||
|
client = hashivault_client(params)
|
||||||
|
return hashivault_auth(client, params)
|
||||||
|
|
||||||
|
|
||||||
|
def hashiwrapper(function):
|
||||||
|
def wrapper(*args, **kwargs):
|
||||||
|
result = {"changed": False, "rc": 0}
|
||||||
|
result.update(function(*args, **kwargs))
|
||||||
|
return result
|
||||||
|
|
||||||
|
return wrapper
|
||||||
|
|
||||||
|
|
||||||
|
def hashivault_default_token(env):
|
||||||
|
"""Get a default Vault token from an environment variable or a file."""
|
||||||
|
envvar = env[0]
|
||||||
|
if envvar in os.environ:
|
||||||
|
return os.environ[envvar]
|
||||||
|
token_file = os.path.expanduser("~/.vault-token")
|
||||||
|
if os.path.exists(token_file):
|
||||||
|
with open(token_file) as f:
|
||||||
|
return f.read().strip()
|
||||||
|
return ""
|
||||||
|
|
||||||
|
|
||||||
|
@hashiwrapper
|
||||||
|
def hashivault_read(params):
|
||||||
|
result = {"changed": False, "rc": 0}
|
||||||
|
client = hashivault_auth_client(params)
|
||||||
|
version = params.get("version")
|
||||||
|
mount_point = params.get("mount_point")
|
||||||
|
secret = params.get("secret")
|
||||||
|
secret_version = params.get("secret_version")
|
||||||
|
|
||||||
|
key = params.get("key")
|
||||||
|
default = params.get("default")
|
||||||
|
|
||||||
|
if secret.startswith("/"):
|
||||||
|
secret = secret.lstrip("/")
|
||||||
|
mount_point = ""
|
||||||
|
|
||||||
|
secret_path = f"{mount_point}/{secret}" if mount_point else secret
|
||||||
|
|
||||||
|
try:
|
||||||
|
if version == 2:
|
||||||
|
response = client.secrets.kv.v2.read_secret_version(
|
||||||
|
secret, mount_point=mount_point, version=secret_version
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
response = client.secrets.kv.v1.read_secret(secret, mount_point=mount_point)
|
||||||
|
except InvalidPath:
|
||||||
|
response = None
|
||||||
|
except Exception as e: # noqa: BLE001
|
||||||
|
result["rc"] = 1
|
||||||
|
result["failed"] = True
|
||||||
|
error_string = f"{e.__class__.__name__}({e})"
|
||||||
|
result["msg"] = f"Error {error_string} reading {secret_path}"
|
||||||
|
return result
|
||||||
|
if not response:
|
||||||
|
if default is not None:
|
||||||
|
result["value"] = default
|
||||||
|
return result
|
||||||
|
result["rc"] = 1
|
||||||
|
result["failed"] = True
|
||||||
|
result["msg"] = f"Secret {secret_path} is not in vault"
|
||||||
|
return result
|
||||||
|
if version == 2:
|
||||||
|
try:
|
||||||
|
data = response.get("data", {})
|
||||||
|
data = data.get("data", {})
|
||||||
|
except Exception: # noqa: BLE001
|
||||||
|
data = str(response)
|
||||||
|
else:
|
||||||
|
data = response["data"]
|
||||||
|
lease_duration = response.get("lease_duration", None)
|
||||||
|
if lease_duration is not None:
|
||||||
|
result["lease_duration"] = lease_duration
|
||||||
|
lease_id = response.get("lease_id", None)
|
||||||
|
if lease_id is not None:
|
||||||
|
result["lease_id"] = lease_id
|
||||||
|
renewable = response.get("renewable", None)
|
||||||
|
if renewable is not None:
|
||||||
|
result["renewable"] = renewable
|
||||||
|
wrap_info = response.get("wrap_info", None)
|
||||||
|
if wrap_info is not None:
|
||||||
|
result["wrap_info"] = wrap_info
|
||||||
|
if key and key not in data:
|
||||||
|
if default is not None:
|
||||||
|
result["value"] = default
|
||||||
|
return result
|
||||||
|
result["rc"] = 1
|
||||||
|
result["failed"] = True
|
||||||
|
result["msg"] = f"Key {key} is not in secret {secret_path}"
|
||||||
|
return result
|
||||||
|
value = data[key] if key else data
|
||||||
|
result["value"] = value
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
class AppRoleClient:
|
||||||
|
"""
|
||||||
|
hvac.Client decorator generate and set a new approle token.
|
||||||
|
|
||||||
|
This allows multiple calls to Vault without having to manually
|
||||||
|
generate and set a token on every Vault call.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self, client, role_id, secret_id, mount_point):
|
||||||
|
object.__setattr__(self, "client", client)
|
||||||
|
object.__setattr__(self, "role_id", role_id)
|
||||||
|
object.__setattr__(self, "secret_id", secret_id)
|
||||||
|
object.__setattr__(self, "login_mount_point", mount_point)
|
||||||
|
|
||||||
|
def __setattr__(self, name, val):
|
||||||
|
client = object.__getattribute__(self, "client")
|
||||||
|
client.__setattr__(name, val)
|
||||||
|
|
||||||
|
def __getattribute__(self, name):
|
||||||
|
client = object.__getattribute__(self, "client")
|
||||||
|
attr = client.__getattribute__(name)
|
||||||
|
|
||||||
|
role_id = object.__getattribute__(self, "role_id")
|
||||||
|
secret_id = object.__getattribute__(self, "secret_id")
|
||||||
|
login_mount_point = object.__getattribute__(self, "login_mount_point")
|
||||||
|
resp = client.auth_approle(role_id, secret_id=secret_id, mount_point=login_mount_point)
|
||||||
|
client.token = str(resp["auth"]["client_token"])
|
||||||
|
return attr
|
||||||
|
|
||||||
|
|
||||||
|
def _compare_state(desired_state, current_state, ignore=None):
|
||||||
|
"""
|
||||||
|
Compare desired state to current state.
|
||||||
|
|
||||||
|
Returns true if objects are equal.
|
||||||
|
|
||||||
|
Recursively walks dict object to compare all keys.
|
||||||
|
|
||||||
|
:param desired_state: The state user desires.
|
||||||
|
:param current_state: The state that currently exists.
|
||||||
|
:param ignore: Ignore these keys.
|
||||||
|
:type ignore: list
|
||||||
|
|
||||||
|
:return: True if the states are the same.
|
||||||
|
:rtype: bool
|
||||||
|
"""
|
||||||
|
|
||||||
|
if ignore is None:
|
||||||
|
ignore = []
|
||||||
|
if isinstance(desired_state, list):
|
||||||
|
if not isinstance(current_state, list) or (len(desired_state) != len(current_state)):
|
||||||
|
return False
|
||||||
|
return set(desired_state) == set(current_state)
|
||||||
|
|
||||||
|
if isinstance(desired_state, dict):
|
||||||
|
if not isinstance(current_state, dict):
|
||||||
|
return False
|
||||||
|
|
||||||
|
# iterate over dictionary keys
|
||||||
|
for key in desired_state:
|
||||||
|
if key in ignore:
|
||||||
|
continue
|
||||||
|
v = desired_state[key]
|
||||||
|
if (key not in current_state) or (not _compare_state(v, current_state.get(key))):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
# Lots of things get handled as strings in ansible that aren"t necessarily strings,
|
||||||
|
# can extend this list later.
|
||||||
|
if isinstance(desired_state, str) and isinstance(current_state, int):
|
||||||
|
current_state = str(current_state)
|
||||||
|
|
||||||
|
return desired_state == current_state
|
||||||
|
|
||||||
|
|
||||||
|
def _convert_to_seconds(original_value):
|
||||||
|
try:
|
||||||
|
value = str(original_value)
|
||||||
|
seconds = 0
|
||||||
|
if "h" in value:
|
||||||
|
ray = value.split("h")
|
||||||
|
seconds = int(ray.pop(0)) * 3600
|
||||||
|
value = "".join(ray)
|
||||||
|
if "m" in value:
|
||||||
|
ray = value.split("m")
|
||||||
|
seconds += int(ray.pop(0)) * 60
|
||||||
|
value = "".join(ray)
|
||||||
|
if value:
|
||||||
|
ray = value.split("s")
|
||||||
|
seconds += int(ray.pop(0))
|
||||||
|
return seconds
|
||||||
|
except Exception: # noqa: BLE001,S110
|
||||||
|
pass
|
||||||
|
return original_value
|
||||||
|
|
||||||
|
|
||||||
|
def get_keys_updated(desired_state, current_state, ignore=None):
|
||||||
|
"""
|
||||||
|
|
||||||
|
Return list of keys that have different values.
|
||||||
|
|
||||||
|
Recursively walks dict object to compare all keys.
|
||||||
|
|
||||||
|
:param desired_state: The state user desires.
|
||||||
|
:type desired_state: dict
|
||||||
|
:param current_state: The state that currently exists.
|
||||||
|
:type current_state: dict
|
||||||
|
:param ignore: Ignore these keys.
|
||||||
|
:type ignore: list
|
||||||
|
|
||||||
|
:return: Different items
|
||||||
|
:rtype: list
|
||||||
|
"""
|
||||||
|
|
||||||
|
if ignore is None:
|
||||||
|
ignore = []
|
||||||
|
|
||||||
|
differences = []
|
||||||
|
for key in desired_state:
|
||||||
|
if key in ignore:
|
||||||
|
continue
|
||||||
|
if key not in current_state:
|
||||||
|
differences.append(key)
|
||||||
|
continue
|
||||||
|
new_value = desired_state[key]
|
||||||
|
old_value = current_state[key]
|
||||||
|
if (
|
||||||
|
"ttl" in key and (_convert_to_seconds(old_value) != _convert_to_seconds(new_value))
|
||||||
|
) or not _compare_state(new_value, old_value):
|
||||||
|
differences.append(key)
|
||||||
|
return differences
|
||||||
|
|
||||||
|
|
||||||
|
def is_state_changed(desired_state, current_state, ignore=None): # noqa: ARG001
|
||||||
|
"""
|
||||||
|
Return list of keys that have different values.
|
||||||
|
|
||||||
|
Recursively walks dict object to compare all keys.
|
||||||
|
|
||||||
|
:param desired_state: The state user desires.
|
||||||
|
:type desired_state: dict
|
||||||
|
:param current_state: The state that currently exists.
|
||||||
|
:type current_state: dict
|
||||||
|
:param ignore: Ignore these keys.
|
||||||
|
:type ignore: list
|
||||||
|
|
||||||
|
:return: Different
|
||||||
|
:rtype: bool
|
||||||
|
"""
|
||||||
|
return len(get_keys_updated(desired_state, current_state)) > 0
|
24
plugins/module_utils/version.py
Normal file
24
plugins/module_utils/version.py
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# Copyright (c) 2021, Felix Fontein <felix@fontein.de>
|
||||||
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||||
|
"""Provide version object to compare version numbers."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
from ansible.module_utils.six import raise_from
|
||||||
|
|
||||||
|
try:
|
||||||
|
from ansible.module_utils.compat.version import LooseVersion # noqa: F401,E501 pylint: disable=unused-import
|
||||||
|
except ImportError:
|
||||||
|
try:
|
||||||
|
from distutils.version import LooseVersion # noqa: F401, pylint: disable=unused-import
|
||||||
|
except ImportError as exc:
|
||||||
|
msg = (
|
||||||
|
"To use this plugin or module with ansible-core 2.11, you need to use Python < 3.12 "
|
||||||
|
"with distutils.version present"
|
||||||
|
)
|
||||||
|
raise_from(ImportError(msg), exc)
|
72
plugins/modules/hashivault_unseal.py
Normal file
72
plugins/modules/hashivault_unseal.py
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
#!/usr/bin/python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
"""Unseal Hashicorp Vault servers."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
ANSIBLE_METADATA = {"status": ["stableinterface"], "supported_by": "community", "version": "1.1"}
|
||||||
|
|
||||||
|
DOCUMENTATION = """
|
||||||
|
---
|
||||||
|
module: hashivault_unseal
|
||||||
|
short_description: Hashicorp Vault unseal module.
|
||||||
|
version_added: 1.2.0
|
||||||
|
description:
|
||||||
|
- "Module to unseal Hashicorp Vault."
|
||||||
|
options:
|
||||||
|
keys:
|
||||||
|
description:
|
||||||
|
- Vault key shard(s).
|
||||||
|
type: list
|
||||||
|
elements: str
|
||||||
|
required: true
|
||||||
|
author:
|
||||||
|
- Robert Kaussow (@xoxys)
|
||||||
|
extends_documentation_fragment:
|
||||||
|
- xoxys.general.hashivault
|
||||||
|
"""
|
||||||
|
|
||||||
|
EXAMPLES = """
|
||||||
|
---
|
||||||
|
- name: Unseal vault
|
||||||
|
hashivault_unseal:
|
||||||
|
keys:
|
||||||
|
- 26479cc0-54bc-4252-9c34-baca54aa5de7
|
||||||
|
- 47f942e3-8525-4b44-ba2f-84a4ae81db7d
|
||||||
|
- 2ee9c868-4275-4836-8747-4f8fb7611aa0
|
||||||
|
url: https://vault.example.com
|
||||||
|
"""
|
||||||
|
|
||||||
|
from ansible_collections.xoxys.general.plugins.module_utils.hashivault import hashivault_argspec
|
||||||
|
from ansible_collections.xoxys.general.plugins.module_utils.hashivault import hashivault_client
|
||||||
|
from ansible_collections.xoxys.general.plugins.module_utils.hashivault import hashivault_init
|
||||||
|
from ansible_collections.xoxys.general.plugins.module_utils.hashivault import hashiwrapper
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
argspec = hashivault_argspec()
|
||||||
|
argspec["keys"] = dict(required=True, type="list", elements="str", no_log=True)
|
||||||
|
module = hashivault_init(argspec)
|
||||||
|
result = hashivault_unseal(module.params)
|
||||||
|
if result.get("failed"):
|
||||||
|
module.fail_json(**result)
|
||||||
|
else:
|
||||||
|
module.exit_json(**result)
|
||||||
|
|
||||||
|
|
||||||
|
@hashiwrapper
|
||||||
|
def hashivault_unseal(params):
|
||||||
|
keys = params.get("keys")
|
||||||
|
client = hashivault_client(params)
|
||||||
|
if client.sys.is_sealed():
|
||||||
|
return {"status": client.sys.submit_unseal_keys(keys), "changed": True}
|
||||||
|
|
||||||
|
return {"changed": False}
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
main()
|
@ -1,3 +1,4 @@
|
|||||||
|
#!/usr/bin/python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
"""
|
"""
|
||||||
IPtables raw module.
|
IPtables raw module.
|
||||||
@ -21,13 +22,17 @@ You should have received a copy of the GNU General Public License
|
|||||||
along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import (absolute_import, division, print_function)
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
ANSIBLE_METADATA = {'status': ['preview'], 'supported_by': 'community', 'metadata_version': '1.0'}
|
ANSIBLE_METADATA = {'status': ['preview'], 'supported_by': 'community', 'metadata_version': '1.0'}
|
||||||
|
|
||||||
DOCUMENTATION = r'''
|
DOCUMENTATION = r'''
|
||||||
---
|
---
|
||||||
module: iptables_raw
|
module: iptables_raw
|
||||||
short_description: Manage iptables rules
|
short_description: Manage iptables rules
|
||||||
version_added: "2.4"
|
version_added: 1.1.0
|
||||||
description:
|
description:
|
||||||
- Add/remove iptables rules while keeping state.
|
- Add/remove iptables rules while keeping state.
|
||||||
options:
|
options:
|
||||||
@ -35,13 +40,14 @@ options:
|
|||||||
description:
|
description:
|
||||||
- Create a backup of the iptables state file before overwriting it.
|
- Create a backup of the iptables state file before overwriting it.
|
||||||
required: false
|
required: false
|
||||||
choices: ["yes", "no"]
|
type: bool
|
||||||
default: "no"
|
default: False
|
||||||
ipversion:
|
ipversion:
|
||||||
description:
|
description:
|
||||||
- Target the IP version this rule is for.
|
- Target the IP version this rule is for.
|
||||||
required: false
|
required: false
|
||||||
default: "4"
|
default: "4"
|
||||||
|
type: str
|
||||||
choices: ["4", "6"]
|
choices: ["4", "6"]
|
||||||
keep_unmanaged:
|
keep_unmanaged:
|
||||||
description:
|
description:
|
||||||
@ -54,8 +60,8 @@ options:
|
|||||||
first time, since if you don't specify correct rules, you can block
|
first time, since if you don't specify correct rules, you can block
|
||||||
yourself out of the managed host."
|
yourself out of the managed host."
|
||||||
required: false
|
required: false
|
||||||
choices: ["yes", "no"]
|
type: bool
|
||||||
default: "yes"
|
default: True
|
||||||
name:
|
name:
|
||||||
description:
|
description:
|
||||||
- Name that will be used as an identifier for these rules. It can contain
|
- Name that will be used as an identifier for these rules. It can contain
|
||||||
@ -64,17 +70,21 @@ options:
|
|||||||
C(state=absent) to flush all rules in the selected table, or even all
|
C(state=absent) to flush all rules in the selected table, or even all
|
||||||
tables with C(table=*).
|
tables with C(table=*).
|
||||||
required: true
|
required: true
|
||||||
|
type: str
|
||||||
rules:
|
rules:
|
||||||
description:
|
description:
|
||||||
- The rules that we want to add. Accepts multiline values.
|
- The rules that we want to add. Accepts multiline values.
|
||||||
- "Note: You can only use C(-A)/C(--append), C(-N)/C(--new-chain), and
|
- "Note: You can only use C(-A)/C(--append), C(-N)/C(--new-chain), and
|
||||||
C(-P)/C(--policy) to specify rules."
|
C(-P)/C(--policy) to specify rules."
|
||||||
required: false
|
required: false
|
||||||
|
type: str
|
||||||
|
default: ""
|
||||||
state:
|
state:
|
||||||
description:
|
description:
|
||||||
- The state this rules fragment should be in.
|
- The state this rules fragment should be in.
|
||||||
choices: ["present", "absent"]
|
choices: ["present", "absent"]
|
||||||
required: false
|
required: false
|
||||||
|
type: str
|
||||||
default: present
|
default: present
|
||||||
table:
|
table:
|
||||||
description:
|
description:
|
||||||
@ -82,12 +92,13 @@ options:
|
|||||||
with C(name=*) and C(state=absent) to flush all rules in all tables.
|
with C(name=*) and C(state=absent) to flush all rules in all tables.
|
||||||
choices: ["filter", "nat", "mangle", "raw", "security", "*"]
|
choices: ["filter", "nat", "mangle", "raw", "security", "*"]
|
||||||
required: false
|
required: false
|
||||||
|
type: str
|
||||||
default: filter
|
default: filter
|
||||||
weight:
|
weight:
|
||||||
description:
|
description:
|
||||||
- Determines the order of the rules. Lower C(weight) means higher
|
- Determines the order of the rules. Lower C(weight) means higher
|
||||||
priority. Supported range is C(0 - 99)
|
priority. Supported range is C(0 - 99)
|
||||||
choices: ["0 - 99"]
|
type: int
|
||||||
required: false
|
required: false
|
||||||
default: 40
|
default: 40
|
||||||
notes:
|
notes:
|
||||||
@ -116,7 +127,7 @@ EXAMPLES = '''
|
|||||||
- iptables_raw:
|
- iptables_raw:
|
||||||
name: default_rules
|
name: default_rules
|
||||||
weight: 10
|
weight: 10
|
||||||
keep_unmanaged: no
|
keep_unmanaged: false
|
||||||
rules: |
|
rules: |
|
||||||
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||||
-A INPUT -i lo -j ACCEPT
|
-A INPUT -i lo -j ACCEPT
|
||||||
@ -156,12 +167,12 @@ RETURN = '''
|
|||||||
state:
|
state:
|
||||||
description: state of the rules
|
description: state of the rules
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: str
|
||||||
sample: present
|
sample: present
|
||||||
name:
|
name:
|
||||||
description: name of the rules
|
description: name of the rules
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: str
|
||||||
sample: open_tcp_80
|
sample: open_tcp_80
|
||||||
weight:
|
weight:
|
||||||
description: weight of the rules
|
description: weight of the rules
|
||||||
@ -176,22 +187,22 @@ ipversion:
|
|||||||
rules:
|
rules:
|
||||||
description: passed rules
|
description: passed rules
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: str
|
||||||
sample: "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT"
|
sample: "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT"
|
||||||
table:
|
table:
|
||||||
description: iptables table used
|
description: iptables table used
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: str
|
||||||
sample: filter
|
sample: filter
|
||||||
backup:
|
backup:
|
||||||
description: if the iptables file should backed up
|
description: if the iptables file should backed up
|
||||||
returned: success
|
returned: success
|
||||||
type: boolean
|
type: bool
|
||||||
sample: False
|
sample: False
|
||||||
keep_unmanaged:
|
keep_unmanaged:
|
||||||
description: if it should keep unmanaged rules
|
description: if it should keep unmanaged rules
|
||||||
returned: success
|
returned: success
|
||||||
type: boolean
|
type: bool
|
||||||
sample: True
|
sample: True
|
||||||
'''
|
'''
|
||||||
|
|
||||||
@ -205,6 +216,7 @@ from collections import defaultdict
|
|||||||
|
|
||||||
from ansible.module_utils.basic import AnsibleModule
|
from ansible.module_utils.basic import AnsibleModule
|
||||||
from ansible.module_utils.basic import json
|
from ansible.module_utils.basic import json
|
||||||
|
from ansible_collections.xoxys.general.plugins.module_utils.version import LooseVersion
|
||||||
|
|
||||||
|
|
||||||
# Genereates a diff dictionary from an old and new table dump.
|
# Genereates a diff dictionary from an old and new table dump.
|
||||||
@ -346,7 +358,6 @@ class Iptables:
|
|||||||
|
|
||||||
# Checks if iptables is installed and if we have a correct version.
|
# Checks if iptables is installed and if we have a correct version.
|
||||||
def _check_compatibility(self):
|
def _check_compatibility(self):
|
||||||
from distutils.version import StrictVersion
|
|
||||||
cmd = [self.bins['iptables'], '--version']
|
cmd = [self.bins['iptables'], '--version']
|
||||||
rc, stdout, stderr = Iptables.module.run_command(cmd, check_rc=False)
|
rc, stdout, stderr = Iptables.module.run_command(cmd, check_rc=False)
|
||||||
if rc == 0:
|
if rc == 0:
|
||||||
@ -355,7 +366,7 @@ class Iptables:
|
|||||||
version = result.group(1)
|
version = result.group(1)
|
||||||
# CentOS 5 ip6tables (v1.3.x) doesn't support comments,
|
# CentOS 5 ip6tables (v1.3.x) doesn't support comments,
|
||||||
# which means it cannot be used with this module.
|
# which means it cannot be used with this module.
|
||||||
if StrictVersion(version) < StrictVersion('1.4'):
|
if LooseVersion(version) < LooseVersion('1.4'):
|
||||||
Iptables.module.fail_json(
|
Iptables.module.fail_json(
|
||||||
msg="This module isn't compatible with ip6tables versions older than 1.4.x"
|
msg="This module isn't compatible with ip6tables versions older than 1.4.x"
|
||||||
)
|
)
|
||||||
|
@ -1,25 +1,36 @@
|
|||||||
|
#!/usr/bin/python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
"""OpenSSL PKCS12 module."""
|
"""OpenSSL PKCS12 module."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
ANSIBLE_METADATA = {"metadata_version": "1.0", "status": ["preview"], "supported_by": "community"}
|
ANSIBLE_METADATA = {"metadata_version": "1.0", "status": ["preview"], "supported_by": "community"}
|
||||||
|
|
||||||
DOCUMENTATION = """
|
DOCUMENTATION = """
|
||||||
---
|
---
|
||||||
module: openssl_pkcs12
|
module: openssl_pkcs12
|
||||||
author: "Guillaume Delpierre (@gdelpierre)"
|
author: "Guillaume Delpierre (@gdelpierre)"
|
||||||
version_added: "2.4"
|
version_added: 1.1.0
|
||||||
short_description: Generate OpenSSL pkcs12 archive.
|
short_description: Generate OpenSSL pkcs12 archive.
|
||||||
description:
|
description:
|
||||||
- "This module allows one to (re-)generate PKCS#12."
|
- "This module allows one to (re-)generate PKCS#12."
|
||||||
requirements:
|
requirements:
|
||||||
- "python-pyOpenSSL"
|
- "python-pyOpenSSL"
|
||||||
|
extends_documentation_fragment: files
|
||||||
options:
|
options:
|
||||||
ca_certificates:
|
ca_certificates:
|
||||||
required: False
|
required: False
|
||||||
|
type: list
|
||||||
|
elements: str
|
||||||
description:
|
description:
|
||||||
- List of CA certificate to include.
|
- List of CA certificate to include.
|
||||||
cert_path:
|
cert_path:
|
||||||
required: False
|
required: False
|
||||||
|
type: path
|
||||||
description:
|
description:
|
||||||
- The path to read certificates and private keys from.
|
- The path to read certificates and private keys from.
|
||||||
Must be in PEM format.
|
Must be in PEM format.
|
||||||
@ -27,61 +38,70 @@ options:
|
|||||||
required: False
|
required: False
|
||||||
default: "export"
|
default: "export"
|
||||||
choices: ["parse", "export"]
|
choices: ["parse", "export"]
|
||||||
|
type: str
|
||||||
description:
|
description:
|
||||||
- Create (export) or parse a PKCS#12.
|
- Create (export) or parse a PKCS#12.
|
||||||
src:
|
src:
|
||||||
required: False
|
required: False
|
||||||
|
type: path
|
||||||
description:
|
description:
|
||||||
- PKCS#12 file path to parse.
|
- PKCS#12 file path to parse.
|
||||||
path:
|
path:
|
||||||
required: True
|
required: True
|
||||||
default: null
|
type: path
|
||||||
description:
|
description:
|
||||||
- Filename to write the PKCS#12 file to.
|
- Filename to write the PKCS#12 file to.
|
||||||
force:
|
force:
|
||||||
required: False
|
required: False
|
||||||
default: False
|
default: False
|
||||||
|
type: bool
|
||||||
description:
|
description:
|
||||||
- Should the file be regenerated even it it already exists.
|
- Should the file be regenerated even it it already exists.
|
||||||
friendly_name:
|
friendly_name:
|
||||||
required: False
|
required: False
|
||||||
default: null
|
type: str
|
||||||
aliases: "name"
|
aliases:
|
||||||
|
- "name"
|
||||||
description:
|
description:
|
||||||
- Specifies the friendly name for the certificate and private key.
|
- Specifies the friendly name for the certificate and private key.
|
||||||
iter_size:
|
iter_size:
|
||||||
required: False
|
required: False
|
||||||
default: 2048
|
default: 2048
|
||||||
|
type: int
|
||||||
description:
|
description:
|
||||||
- Number of times to repeat the encryption step.
|
- Number of times to repeat the encryption step.
|
||||||
maciter_size:
|
maciter_size:
|
||||||
required: False
|
required: False
|
||||||
default: 1
|
default: 1
|
||||||
|
type: int
|
||||||
description:
|
description:
|
||||||
- Number of times to repeat the MAC step.
|
- Number of times to repeat the MAC step.
|
||||||
mode:
|
mode:
|
||||||
required: False
|
required: False
|
||||||
default: 0400
|
default: "0400"
|
||||||
|
type: str
|
||||||
description:
|
description:
|
||||||
- Default mode for the generated PKCS#12 file.
|
- Default mode for the generated PKCS#12 file.
|
||||||
passphrase:
|
passphrase:
|
||||||
required: False
|
required: False
|
||||||
default: null
|
type: str
|
||||||
description:
|
description:
|
||||||
- The PKCS#12 password.
|
- The PKCS#12 password.
|
||||||
privatekey_path:
|
privatekey_path:
|
||||||
required: False
|
required: False
|
||||||
|
type: path
|
||||||
description:
|
description:
|
||||||
- File to read private key from.
|
- File to read private key from.
|
||||||
privatekey_passphrase:
|
privatekey_passphrase:
|
||||||
required: False
|
required: False
|
||||||
default: null
|
type: str
|
||||||
description:
|
description:
|
||||||
- Passphrase source to decrypt any input private keys with.
|
- Passphrase source to decrypt any input private keys with.
|
||||||
state:
|
state:
|
||||||
required: False
|
required: False
|
||||||
default: "present"
|
default: "present"
|
||||||
choices: ["present", "absent"]
|
choices: ["present", "absent"]
|
||||||
|
type: str
|
||||||
description:
|
description:
|
||||||
- Whether the file should exist or not.
|
- Whether the file should exist or not.
|
||||||
"""
|
"""
|
||||||
@ -133,7 +153,7 @@ RETURN = """
|
|||||||
filename:
|
filename:
|
||||||
description: Path to the generate PKCS#12 file.
|
description: Path to the generate PKCS#12 file.
|
||||||
returned: changed or success
|
returned: changed or success
|
||||||
type: string
|
type: str
|
||||||
sample: /opt/certs/ansible.p12
|
sample: /opt/certs/ansible.p12
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@ -151,12 +171,11 @@ else:
|
|||||||
pyopenssl_found = True
|
pyopenssl_found = True
|
||||||
|
|
||||||
|
|
||||||
class PkcsError(Exception):
|
class PkcsError(Exception): # noqa
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class Pkcs(object):
|
class Pkcs(object): # noqa
|
||||||
|
|
||||||
def __init__(self, module):
|
def __init__(self, module):
|
||||||
self.path = module.params["path"]
|
self.path = module.params["path"]
|
||||||
self.force = module.params["force"]
|
self.force = module.params["force"]
|
||||||
@ -181,56 +200,56 @@ class Pkcs(object):
|
|||||||
def load_privatekey(self, path, passphrase=None):
|
def load_privatekey(self, path, passphrase=None):
|
||||||
"""Load the specified OpenSSL private key."""
|
"""Load the specified OpenSSL private key."""
|
||||||
try:
|
try:
|
||||||
if passphrase:
|
return (
|
||||||
privatekey = crypto.load_privatekey(
|
crypto.load_privatekey(
|
||||||
crypto.FILETYPE_PEM,
|
crypto.FILETYPE_PEM,
|
||||||
open(path, "rb").read(), passphrase
|
open(path, "rb").read(), # noqa
|
||||||
|
passphrase,
|
||||||
)
|
)
|
||||||
else:
|
if passphrase
|
||||||
privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM, open(path, "rb").read())
|
else crypto.load_privatekey(
|
||||||
|
crypto.FILETYPE_PEM,
|
||||||
return privatekey
|
open(path, "rb").read(), # noqa
|
||||||
except (IOError, OSError) as exc:
|
)
|
||||||
raise PkcsError(exc)
|
)
|
||||||
|
except OSError as exc:
|
||||||
|
raise PkcsError(exc) from exc
|
||||||
|
|
||||||
def load_certificate(self, path):
|
def load_certificate(self, path):
|
||||||
"""Load the specified certificate."""
|
"""Load the specified certificate."""
|
||||||
try:
|
try:
|
||||||
cert_content = open(path, "rb").read()
|
cert_content = open(path, "rb").read() # noqa
|
||||||
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_content)
|
return crypto.load_certificate(crypto.FILETYPE_PEM, cert_content)
|
||||||
return cert
|
except OSError as exc:
|
||||||
except (IOError, OSError) as exc:
|
raise PkcsError(exc) from exc
|
||||||
raise PkcsError(exc)
|
|
||||||
|
|
||||||
def load_pkcs12(self, path, passphrase=None):
|
def load_pkcs12(self, path, passphrase=None):
|
||||||
"""Load pkcs12 file."""
|
"""Load pkcs12 file."""
|
||||||
try:
|
try:
|
||||||
if passphrase:
|
if passphrase:
|
||||||
return crypto.load_pkcs12(open(path, "rb").read(), passphrase)
|
return crypto.load_pkcs12(open(path, "rb").read(), passphrase) # noqa
|
||||||
else:
|
|
||||||
return crypto.load_pkcs12(open(path, "rb").read())
|
return crypto.load_pkcs12(open(path, "rb").read()) # noqa
|
||||||
except (IOError, OSError) as exc:
|
except OSError as exc:
|
||||||
raise PkcsError(exc)
|
raise PkcsError(exc) from exc
|
||||||
|
|
||||||
def dump_privatekey(self, path):
|
def dump_privatekey(self, path):
|
||||||
"""Dump the specified OpenSSL private key."""
|
"""Dump the specified OpenSSL private key."""
|
||||||
try:
|
try:
|
||||||
return crypto.dump_privatekey(
|
return crypto.dump_privatekey(
|
||||||
crypto.FILETYPE_PEM,
|
crypto.FILETYPE_PEM, self.load_pkcs12(path).get_privatekey()
|
||||||
self.load_pkcs12(path).get_privatekey()
|
|
||||||
)
|
)
|
||||||
except (IOError, OSError) as exc:
|
except OSError as exc:
|
||||||
raise PkcsError(exc)
|
raise PkcsError(exc) from exc
|
||||||
|
|
||||||
def dump_certificate(self, path):
|
def dump_certificate(self, path):
|
||||||
"""Dump the specified certificate."""
|
"""Dump the specified certificate."""
|
||||||
try:
|
try:
|
||||||
return crypto.dump_certificate(
|
return crypto.dump_certificate(
|
||||||
crypto.FILETYPE_PEM,
|
crypto.FILETYPE_PEM, self.load_pkcs12(path).get_certificate()
|
||||||
self.load_pkcs12(path).get_certificate()
|
|
||||||
)
|
)
|
||||||
except (IOError, OSError) as exc:
|
except OSError as exc:
|
||||||
raise PkcsError(exc)
|
raise PkcsError(exc) from exc
|
||||||
|
|
||||||
def generate(self, module):
|
def generate(self, module):
|
||||||
"""Generate PKCS#12 file archive."""
|
"""Generate PKCS#12 file archive."""
|
||||||
@ -264,9 +283,9 @@ class Pkcs(object):
|
|||||||
)
|
)
|
||||||
module.set_mode_if_different(self.path, self.mode, False)
|
module.set_mode_if_different(self.path, self.mode, False)
|
||||||
self.changed = True
|
self.changed = True
|
||||||
except (IOError, OSError) as exc:
|
except OSError as exc:
|
||||||
self.remove()
|
self.remove()
|
||||||
raise PkcsError(exc)
|
raise PkcsError(exc) from exc
|
||||||
|
|
||||||
file_args = module.load_file_common_arguments(module.params)
|
file_args = module.load_file_common_arguments(module.params)
|
||||||
if module.set_fs_attributes_if_different(file_args, False):
|
if module.set_fs_attributes_if_different(file_args, False):
|
||||||
@ -281,14 +300,12 @@ class Pkcs(object):
|
|||||||
|
|
||||||
with open(self.path, "wb") as content:
|
with open(self.path, "wb") as content:
|
||||||
content.write(
|
content.write(
|
||||||
"{0}{1}".format(
|
f"{self.dump_privatekey(self.src)}{self.dump_certificate(self.src)}"
|
||||||
self.dump_privatekey(self.src), self.dump_certificate(self.src)
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
module.set_mode_if_different(self.path, self.mode, False)
|
module.set_mode_if_different(self.path, self.mode, False)
|
||||||
self.changed = True
|
self.changed = True
|
||||||
except IOError as exc:
|
except OSError as exc:
|
||||||
raise PkcsError(exc)
|
raise PkcsError(exc) from exc
|
||||||
|
|
||||||
file_args = module.load_file_common_arguments(module.params)
|
file_args = module.load_file_common_arguments(module.params)
|
||||||
if module.set_fs_attributes_if_different(file_args, False):
|
if module.set_fs_attributes_if_different(file_args, False):
|
||||||
@ -302,12 +319,11 @@ class Pkcs(object):
|
|||||||
self.changed = True
|
self.changed = True
|
||||||
except OSError as exc:
|
except OSError as exc:
|
||||||
if exc.errno != errno.ENOENT:
|
if exc.errno != errno.ENOENT:
|
||||||
raise PkcsError(exc)
|
raise PkcsError(exc) from exc
|
||||||
else:
|
|
||||||
pass
|
pass
|
||||||
|
|
||||||
def check(self, module, perms_required=True):
|
def check(self, module, perms_required=True): # noqa
|
||||||
|
|
||||||
def _check_pkey_passphrase():
|
def _check_pkey_passphrase():
|
||||||
if self.privatekey_passphrase:
|
if self.privatekey_passphrase:
|
||||||
try:
|
try:
|
||||||
@ -337,19 +353,20 @@ class Pkcs(object):
|
|||||||
|
|
||||||
def main():
|
def main():
|
||||||
argument_spec = dict(
|
argument_spec = dict(
|
||||||
action=dict(default="export", choices=["parse", "export"], type="str"),
|
action=dict(default="export", choices=["parse", "export"], type="str", required=False),
|
||||||
ca_certificates=dict(type="list"),
|
ca_certificates=dict(type="list", elements="str", required=False),
|
||||||
cert_path=dict(type="path"),
|
cert_path=dict(type="path"),
|
||||||
force=dict(default=False, type="bool"),
|
force=dict(default=False, type="bool"),
|
||||||
friendly_name=dict(type="str", aliases=["name"]),
|
friendly_name=dict(type="str", aliases=["name"]),
|
||||||
iter_size=dict(default=2048, type="int"),
|
iter_size=dict(default=2048, type="int"),
|
||||||
maciter_size=dict(default=1, type="int"),
|
maciter_size=dict(default=1, type="int"),
|
||||||
passphrase=dict(type="str", no_log=True),
|
passphrase=dict(type="str", no_log=True),
|
||||||
path=dict(required=True, type="path"),
|
path=dict(type="path", required=True),
|
||||||
privatekey_path=dict(type="path"),
|
privatekey_path=dict(type="path"),
|
||||||
privatekey_passphrase=dict(type="str", no_log=True),
|
privatekey_passphrase=dict(type="str", no_log=True),
|
||||||
state=dict(default="present", choices=["present", "absent"], type="str"),
|
state=dict(default="present", choices=["present", "absent"], type="str"),
|
||||||
src=dict(type="path"),
|
src=dict(type="path"),
|
||||||
|
mode=dict(default="0400", type="str", required=False),
|
||||||
)
|
)
|
||||||
|
|
||||||
required_if = [
|
required_if = [
|
||||||
@ -376,8 +393,7 @@ def main():
|
|||||||
if not os.path.isdir(base_dir):
|
if not os.path.isdir(base_dir):
|
||||||
module.fail_json(
|
module.fail_json(
|
||||||
name=base_dir,
|
name=base_dir,
|
||||||
msg="The directory {0} does not exist or "
|
msg=f"The directory {base_dir} does not exist or the file is not a directory",
|
||||||
"the file is not a directory".format(base_dir)
|
|
||||||
)
|
)
|
||||||
|
|
||||||
pkcs12 = Pkcs(module)
|
pkcs12 = Pkcs(module)
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -1,5 +1,12 @@
|
|||||||
|
#!/usr/bin/python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
"""Module to control Univention Corporate Registry."""
|
|
||||||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
"""Control Univention Corporate Registry."""
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
ANSIBLE_METADATA = {"metadata_version": "1.1", "status": ["preview"], "supported_by": "community"}
|
ANSIBLE_METADATA = {"metadata_version": "1.1", "status": ["preview"], "supported_by": "community"}
|
||||||
|
|
||||||
@ -7,7 +14,7 @@ DOCUMENTATION = """
|
|||||||
---
|
---
|
||||||
module: ucr
|
module: ucr
|
||||||
short_description: Manage variables in univention configuration registry.
|
short_description: Manage variables in univention configuration registry.
|
||||||
version_added: "2.6"
|
version_added: 1.1.0
|
||||||
description:
|
description:
|
||||||
- "This module allows to manage variables inside the univention configuration registry
|
- "This module allows to manage variables inside the univention configuration registry
|
||||||
on a univention corporate server (UCS)."
|
on a univention corporate server (UCS)."
|
||||||
@ -15,16 +22,21 @@ options:
|
|||||||
path:
|
path:
|
||||||
description:
|
description:
|
||||||
- Path for the variable
|
- Path for the variable
|
||||||
|
aliases:
|
||||||
|
- name
|
||||||
required: True
|
required: True
|
||||||
default: null
|
type: str
|
||||||
value:
|
value:
|
||||||
description:
|
description:
|
||||||
- New value of the variable
|
- New value of the variable
|
||||||
required: False
|
required: False
|
||||||
|
type: str
|
||||||
|
default: ""
|
||||||
state:
|
state:
|
||||||
required: False
|
required: False
|
||||||
default: "present"
|
default: "present"
|
||||||
choices: ["present", "absent"]
|
choices: ["present", "absent"]
|
||||||
|
type: str
|
||||||
description:
|
description:
|
||||||
- Whether the variable should be exist or not.
|
- Whether the variable should be exist or not.
|
||||||
author:
|
author:
|
||||||
@ -49,43 +61,46 @@ RETURN = """
|
|||||||
original_message:
|
original_message:
|
||||||
description: The original name param that was passed in
|
description: The original name param that was passed in
|
||||||
type: str
|
type: str
|
||||||
|
returned: success
|
||||||
message:
|
message:
|
||||||
description: The output message that the sample module generates
|
description: The output message that the sample module generates
|
||||||
|
type: str
|
||||||
|
returned: success
|
||||||
"""
|
"""
|
||||||
|
|
||||||
from ansible.module_utils.basic import AnsibleModule
|
from ansible.module_utils.basic import AnsibleModule
|
||||||
from univention.config_registry import ConfigRegistry # noqa
|
|
||||||
from univention.config_registry.frontend import ucr_update # noqa
|
try:
|
||||||
|
from univention.config_registry import ConfigRegistry
|
||||||
|
from univention.config_registry.frontend import ucr_update
|
||||||
|
|
||||||
|
HAS_UNIVENTION = True
|
||||||
|
except ImportError:
|
||||||
|
HAS_UNIVENTION = False
|
||||||
|
|
||||||
|
|
||||||
def get_variable(ucr, path):
|
def get_variable(ucr, path):
|
||||||
ucr.load()
|
ucr.load()
|
||||||
if path in ucr:
|
return ucr.get(path) if path in ucr else None
|
||||||
value = ucr.get(path)
|
|
||||||
else:
|
|
||||||
value = None
|
|
||||||
return value
|
|
||||||
|
|
||||||
|
|
||||||
def set_variable(ucr, path, value, result):
|
def set_variable(ucr, path, value, result): # noqa
|
||||||
org_value = get_variable(ucr, path)
|
org_value = get_variable(ucr, path)
|
||||||
ucr_update(ucr, {path: value})
|
ucr_update(ucr, {path: value})
|
||||||
new_value = get_variable(ucr, path)
|
new_value = get_variable(ucr, path)
|
||||||
return not org_value == new_value
|
return org_value != new_value
|
||||||
|
|
||||||
|
|
||||||
def dry_variable(ucr, path, value, result):
|
def dry_variable(ucr, path, value, result): # noqa
|
||||||
org_value = get_variable(ucr, path)
|
org_value = get_variable(ucr, path)
|
||||||
return not org_value == value
|
return org_value != value
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
ucr = ConfigRegistry()
|
|
||||||
|
|
||||||
module_args = dict(
|
module_args = dict(
|
||||||
path=dict(type="str", required=True, aliases=["name"]),
|
path=dict(type="str", required=True, aliases=["name"]),
|
||||||
value=dict(type="str", required=False, default=""),
|
value=dict(type="str", required=False, default=""),
|
||||||
state=dict(default="present", choices=["present", "absent"], type="str")
|
state=dict(default="present", choices=["present", "absent"], type="str"),
|
||||||
)
|
)
|
||||||
|
|
||||||
required_if = [["state", "present", ["value"]]]
|
required_if = [["state", "present", ["value"]]]
|
||||||
@ -94,12 +109,16 @@ def main():
|
|||||||
argument_spec=module_args, supports_check_mode=True, required_if=required_if
|
argument_spec=module_args, supports_check_mode=True, required_if=required_if
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if not HAS_UNIVENTION:
|
||||||
|
module.fail_json(msg="univention required for this module")
|
||||||
|
|
||||||
|
ucr = ConfigRegistry()
|
||||||
|
|
||||||
result = dict(changed=False, original_message="", message="")
|
result = dict(changed=False, original_message="", message="")
|
||||||
|
|
||||||
path = module.params["path"]
|
path = module.params["path"]
|
||||||
value = module.params["value"]
|
value = module.params["value"]
|
||||||
if module.params["state"] == "present":
|
if module.params["state"] == "present" and (value is None or value == "None"):
|
||||||
if value is None or value == "None":
|
|
||||||
value = ""
|
value = ""
|
||||||
elif module.params["state"] == "absent":
|
elif module.params["state"] == "absent":
|
||||||
value = None
|
value = None
|
||||||
|
1158
poetry.lock
generated
Normal file
1158
poetry.lock
generated
Normal file
File diff suppressed because it is too large
Load Diff
152
pyproject.toml
Normal file
152
pyproject.toml
Normal file
@ -0,0 +1,152 @@
|
|||||||
|
[tool.poetry]
|
||||||
|
authors = ["Robert Kaussow <mail@thegeeklab.de>"]
|
||||||
|
classifiers = [
|
||||||
|
"Development Status :: 5 - Production/Stable",
|
||||||
|
"Environment :: Console",
|
||||||
|
"License :: OSI Approved :: MIT License",
|
||||||
|
"Intended Audience :: Developers",
|
||||||
|
"Intended Audience :: Information Technology",
|
||||||
|
"Intended Audience :: System Administrators",
|
||||||
|
"Natural Language :: English",
|
||||||
|
"Operating System :: POSIX",
|
||||||
|
"Programming Language :: Python :: 3",
|
||||||
|
"Programming Language :: Python :: 3.9",
|
||||||
|
"Programming Language :: Python :: 3.10",
|
||||||
|
"Programming Language :: Python :: 3.11",
|
||||||
|
"Programming Language :: Python :: 3.12",
|
||||||
|
"Topic :: Utilities",
|
||||||
|
"Topic :: Software Development",
|
||||||
|
"Topic :: Software Development :: Documentation",
|
||||||
|
]
|
||||||
|
description = "Build environment for Ansible Collection."
|
||||||
|
license = "MIT"
|
||||||
|
name = "xoxys.general"
|
||||||
|
readme = "README.md"
|
||||||
|
repository = "https://gitea.rknet.org/ansible/xoxys.general"
|
||||||
|
version = "0.0.0"
|
||||||
|
|
||||||
|
[tool.poetry.dependencies]
|
||||||
|
python = "^3.9.0"
|
||||||
|
ansible-core = { version = "<=2.14.0", optional = true }
|
||||||
|
pyopenssl = "23.0.0"
|
||||||
|
proxmoxer = "2.0.1"
|
||||||
|
hcloud = "1.18.2"
|
||||||
|
|
||||||
|
[tool.poetry.extras]
|
||||||
|
ansible = ["ansible-core"]
|
||||||
|
|
||||||
|
[tool.poetry.group.dev.dependencies]
|
||||||
|
ruff = "0.1.7"
|
||||||
|
pytest = "7.2.1"
|
||||||
|
pytest-mock = "3.10.0"
|
||||||
|
pytest-cov = "4.0.0"
|
||||||
|
toml = "0.10.2"
|
||||||
|
pycodestyle = "2.10.0"
|
||||||
|
yamllint = "1.29.0"
|
||||||
|
pylint = "2.15.0"
|
||||||
|
voluptuous = "0.13.1"
|
||||||
|
pytest-ansible = "3.1.5"
|
||||||
|
pytest-forked = "1.6.0"
|
||||||
|
pytest-xdist = "3.3.1"
|
||||||
|
|
||||||
|
[tool.pytest.ini_options]
|
||||||
|
addopts = "--cov --cov-report=xml:coverage.xml --cov-report=term --cov-append --no-cov-on-fail"
|
||||||
|
pythonpath = [
|
||||||
|
"."
|
||||||
|
]
|
||||||
|
testpaths = [
|
||||||
|
"tests",
|
||||||
|
]
|
||||||
|
filterwarnings = [
|
||||||
|
"ignore::FutureWarning",
|
||||||
|
"ignore::DeprecationWarning",
|
||||||
|
"ignore:.*pep8.*:FutureWarning",
|
||||||
|
"ignore:AnsibleCollectionFinder.*:UserWarning"
|
||||||
|
]
|
||||||
|
|
||||||
|
[tool.coverage.run]
|
||||||
|
omit = ["**/tests/*"]
|
||||||
|
|
||||||
|
[build-system]
|
||||||
|
build-backend = "poetry_dynamic_versioning.backend"
|
||||||
|
requires = ["poetry-core>=1.0.0", "poetry-dynamic-versioning"]
|
||||||
|
|
||||||
|
[tool.ruff]
|
||||||
|
exclude = [
|
||||||
|
".git",
|
||||||
|
"__pycache__",
|
||||||
|
"build",
|
||||||
|
"dist",
|
||||||
|
"tests",
|
||||||
|
"*.pyc",
|
||||||
|
"*.egg-info",
|
||||||
|
".cache",
|
||||||
|
".eggs",
|
||||||
|
"env*",
|
||||||
|
".venv",
|
||||||
|
"iptables_raw.py",
|
||||||
|
]
|
||||||
|
|
||||||
|
line-length = 99
|
||||||
|
indent-width = 4
|
||||||
|
|
||||||
|
# Explanation of errors
|
||||||
|
#
|
||||||
|
# D102: Missing docstring in public method
|
||||||
|
# D103: Missing docstring in public function
|
||||||
|
# D105: Missing docstring in magic method
|
||||||
|
# D107: Missing docstring in __init__
|
||||||
|
# D202: No blank lines allowed after function docstring
|
||||||
|
# D203: One blank line required before class docstring
|
||||||
|
# E402: Module level import not at top of file
|
||||||
|
# SIM105: Use `contextlib.suppress(Exception)` instead of try-except-pass
|
||||||
|
# C402: Unnecessary generator (rewrite as a `dict` comprehension)
|
||||||
|
# C408: Unnecessary `dict` call (rewrite as a literal)
|
||||||
|
# I001: Import block is un-sorted or un-formatted
|
||||||
|
# UP001: `__metaclass__ = type` is implied
|
||||||
|
# UP009: UTF-8 encoding declaration is unnecessary
|
||||||
|
# UP010: Unnecessary `__future__` imports `absolute_import`, `division`, `print_function` for target Python version
|
||||||
|
ignore = [
|
||||||
|
"D102",
|
||||||
|
"D103",
|
||||||
|
"D105",
|
||||||
|
"D107",
|
||||||
|
"D202",
|
||||||
|
"D203",
|
||||||
|
"D212",
|
||||||
|
"E402",
|
||||||
|
"SIM105",
|
||||||
|
"C402",
|
||||||
|
"C408",
|
||||||
|
"I001",
|
||||||
|
"UP001",
|
||||||
|
"UP009",
|
||||||
|
"UP010",
|
||||||
|
"RUF100",
|
||||||
|
]
|
||||||
|
select = [
|
||||||
|
"D",
|
||||||
|
"E",
|
||||||
|
"F",
|
||||||
|
"Q",
|
||||||
|
"W",
|
||||||
|
"I",
|
||||||
|
"S",
|
||||||
|
"BLE",
|
||||||
|
"N",
|
||||||
|
"UP",
|
||||||
|
"B",
|
||||||
|
"A",
|
||||||
|
"C4",
|
||||||
|
"T20",
|
||||||
|
"SIM",
|
||||||
|
"RET",
|
||||||
|
"ARG",
|
||||||
|
"ERA",
|
||||||
|
"RUF",
|
||||||
|
]
|
||||||
|
|
||||||
|
[tool.ruff.format]
|
||||||
|
quote-style = "double"
|
||||||
|
indent-style = "space"
|
||||||
|
line-ending = "lf"
|
@ -1,4 +0,0 @@
|
|||||||
ansible-base
|
|
||||||
pyopenssl
|
|
||||||
proxmoxer
|
|
||||||
hcloud
|
|
42
setup.cfg
42
setup.cfg
@ -1,42 +0,0 @@
|
|||||||
[isort]
|
|
||||||
default_section = THIRDPARTY
|
|
||||||
sections = FUTURE,STDLIB,THIRDPARTY,FIRSTPARTY,LOCALFOLDER
|
|
||||||
force_single_line = true
|
|
||||||
line_length = 99
|
|
||||||
skip_glob = **/.venv*,**/venv/*,**/docs/*,**/inventory/*,**/modules/*
|
|
||||||
|
|
||||||
[yapf]
|
|
||||||
based_on_style = google
|
|
||||||
column_limit = 99
|
|
||||||
dedent_closing_brackets = true
|
|
||||||
coalesce_brackets = true
|
|
||||||
split_before_logical_operator = true
|
|
||||||
|
|
||||||
[tool:pytest]
|
|
||||||
filterwarnings =
|
|
||||||
ignore::FutureWarning
|
|
||||||
ignore:.*collections.*:DeprecationWarning
|
|
||||||
ignore:.*pep8.*:FutureWarning
|
|
||||||
|
|
||||||
[coverage:run]
|
|
||||||
omit =
|
|
||||||
**/test/*
|
|
||||||
**/.venv/*
|
|
||||||
|
|
||||||
[flake8]
|
|
||||||
ignore = D101, D102, D103, D105, D107, D202, E402, W503, B902
|
|
||||||
max-line-length = 99
|
|
||||||
inline-quotes = double
|
|
||||||
exclude =
|
|
||||||
.git
|
|
||||||
.tox
|
|
||||||
__pycache__
|
|
||||||
build
|
|
||||||
dist
|
|
||||||
test
|
|
||||||
*.pyc
|
|
||||||
*.egg-info
|
|
||||||
.cache
|
|
||||||
.eggs
|
|
||||||
env*
|
|
||||||
iptables_raw.py
|
|
@ -1 +0,0 @@
|
|||||||
# noqa
|
|
@ -1,11 +0,0 @@
|
|||||||
ansible
|
|
||||||
|
|
||||||
# requirement for the proxmox modules
|
|
||||||
proxmoxer
|
|
||||||
requests
|
|
||||||
|
|
||||||
# requirement for the corenetworks modules
|
|
||||||
corenetworks
|
|
||||||
|
|
||||||
# requirement for the openssl_pkcs12 module
|
|
||||||
pyOpenSSL
|
|
2
tests/config.yml
Normal file
2
tests/config.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
modules:
|
||||||
|
python_requires: ">=3.9"
|
@ -1,16 +1,16 @@
|
|||||||
"""Test inventory plugin proxmox."""
|
"""Test inventory plugin proxmox."""
|
||||||
# -*- coding: utf-8 -*-
|
|
||||||
# Copyright (c) 2020, Robert Kaussow <mail@thegeeklab.de>
|
# Copyright (c) 2020, Robert Kaussow <mail@thegeeklab.de>
|
||||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
|
||||||
from __future__ import (absolute_import, division, print_function)
|
from __future__ import (absolute_import, division, print_function)
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
proxmox = pytest.importorskip("proxmoxer")
|
proxmox = pytest.importorskip("proxmoxer")
|
||||||
|
|
||||||
from ansible.errors import AnsibleError, AnsibleParserError # noqa
|
from ansible_collections.xoxys.general.plugins.inventory.proxmox import InventoryModule
|
||||||
from plugins.inventory.proxmox import InventoryModule
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
@ -58,7 +58,7 @@ def test_get_ip_address(inventory, mocker):
|
|||||||
inventory.client = mocker.MagicMock()
|
inventory.client = mocker.MagicMock()
|
||||||
inventory.client.nodes.return_value.get.return_value = networks
|
inventory.client.nodes.return_value.get.return_value = networks
|
||||||
|
|
||||||
assert "10.0.0.1" == inventory._get_ip_address("qemu", None, None)
|
assert inventory._get_ip_address("qemu", None, None) == "10.0.0.1"
|
||||||
|
|
||||||
|
|
||||||
def test_exclude(inventory, mocker):
|
def test_exclude(inventory, mocker):
|
Loading…
Reference in New Issue
Block a user