feat: add hashivault_unseal module #5
@ -17,7 +17,7 @@ local PythonVersion(pyversion='3.8') = {
|
|||||||
local AnsibleVersion(version='devel') = {
|
local AnsibleVersion(version='devel') = {
|
||||||
local gitversion = if version == 'devel' then 'devel' else 'stable-' + version,
|
local gitversion = if version == 'devel' then 'devel' else 'stable-' + version,
|
||||||
name: 'ansible-' + std.strReplace(version, '.', ''),
|
name: 'ansible-' + std.strReplace(version, '.', ''),
|
||||||
image: 'python:3.9',
|
image: 'python:3.10',
|
||||||
environment: {
|
environment: {
|
||||||
PY_COLORS: 1,
|
PY_COLORS: 1,
|
||||||
},
|
},
|
||||||
@ -106,8 +106,8 @@ local PipelineSanityTest = {
|
|||||||
},
|
},
|
||||||
steps: [
|
steps: [
|
||||||
AnsibleVersion(version='devel'),
|
AnsibleVersion(version='devel'),
|
||||||
|
AnsibleVersion(version='2.15'),
|
||||||
AnsibleVersion(version='2.14'),
|
AnsibleVersion(version='2.14'),
|
||||||
AnsibleVersion(version='2.13'),
|
|
||||||
],
|
],
|
||||||
depends_on: [
|
depends_on: [
|
||||||
'unit-test',
|
'unit-test',
|
||||||
|
16
.drone.yml
16
.drone.yml
@ -108,7 +108,7 @@ workspace:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: ansible-devel
|
- name: ansible-devel
|
||||||
image: python:3.9
|
image: python:3.10
|
||||||
commands:
|
commands:
|
||||||
- pip install poetry -qq
|
- pip install poetry -qq
|
||||||
- poetry install
|
- poetry install
|
||||||
@ -120,12 +120,12 @@ steps:
|
|||||||
depends_on:
|
depends_on:
|
||||||
- clone
|
- clone
|
||||||
|
|
||||||
- name: ansible-214
|
- name: ansible-215
|
||||||
image: python:3.9
|
image: python:3.10
|
||||||
commands:
|
commands:
|
||||||
- pip install poetry -qq
|
- pip install poetry -qq
|
||||||
- poetry install
|
- poetry install
|
||||||
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.14.tar.gz --disable-pip-version-check
|
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.15.tar.gz --disable-pip-version-check
|
||||||
- poetry run ansible --version
|
- poetry run ansible --version
|
||||||
- poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9
|
- poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9
|
||||||
environment:
|
environment:
|
||||||
@ -133,12 +133,12 @@ steps:
|
|||||||
depends_on:
|
depends_on:
|
||||||
- clone
|
- clone
|
||||||
|
|
||||||
- name: ansible-213
|
- name: ansible-214
|
||||||
image: python:3.9
|
image: python:3.10
|
||||||
commands:
|
commands:
|
||||||
- pip install poetry -qq
|
- pip install poetry -qq
|
||||||
- poetry install
|
- poetry install
|
||||||
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.13.tar.gz --disable-pip-version-check
|
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.14.tar.gz --disable-pip-version-check
|
||||||
- poetry run ansible --version
|
- poetry run ansible --version
|
||||||
- poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9
|
- poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9
|
||||||
environment:
|
environment:
|
||||||
@ -279,6 +279,6 @@ depends_on:
|
|||||||
|
|
||||||
---
|
---
|
||||||
kind: signature
|
kind: signature
|
||||||
hmac: 440b43b8ce15d152c7abdd936c77b25aeb978c5f63e7f7ac9895063afbdba384
|
hmac: d60a76cb5820c26f16756634312756f06a51c55d81aad7e863c6925a43ae2346
|
||||||
|
|
||||||
...
|
...
|
||||||
|
107
plugins/doc_fragments/hashivault.py
Normal file
107
plugins/doc_fragments/hashivault.py
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
"""Implement documentation fragment for Hashivault module."""
|
||||||
|
|
||||||
|
from __future__ import (absolute_import, division, print_function)
|
||||||
|
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
|
||||||
|
class ModuleDocFragment:
|
||||||
|
# Standard documentation
|
||||||
|
DOCUMENTATION = r"""
|
||||||
|
requirements:
|
||||||
|
- hvac>=0.10.1
|
||||||
|
- ansible>=2.0.0
|
||||||
|
- requests
|
||||||
|
options:
|
||||||
|
url:
|
||||||
|
description:
|
||||||
|
- URL of the Vault server.
|
||||||
|
- You can use C(VAULT_ADDR) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
ca_cert:
|
||||||
|
description:
|
||||||
|
- Path to a PEM-encoded CA cert file to use to verify the Vault server
|
||||||
|
TLS certificate.
|
||||||
|
- You can use C(VAULT_CACERT) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
ca_path:
|
||||||
|
description:
|
||||||
|
- Path to a directory of PEM-encoded CA cert files to verify the Vault server
|
||||||
|
TLS certificate. If ca_cert is specified, its value will take precedence.
|
||||||
|
- You can use C(VAULT_CAPATH) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
client_cert:
|
||||||
|
description:
|
||||||
|
- Path to a PEM-encoded client certificate for TLS authentication to the Vault
|
||||||
|
server.
|
||||||
|
- You can use C(VAULT_CLIENT_CERT) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
client_key:
|
||||||
|
description:
|
||||||
|
- Path to an unencrypted PEM-encoded private key matching the client certificate.
|
||||||
|
- You can use C(VAULT_CLIENT_KEY) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
verify:
|
||||||
|
description:
|
||||||
|
- If set, do not verify presented TLS certificate before communicating with Vault
|
||||||
|
server. Setting this variable is not recommended except during testing.
|
||||||
|
- You can use C(VAULT_SKIP_VERIFY) environment variable.
|
||||||
|
default: false
|
||||||
|
type: bool
|
||||||
|
authtype:
|
||||||
|
description:
|
||||||
|
- Authentication type.
|
||||||
|
- You can use C(VAULT_AUTHTYPE) environment variable.
|
||||||
|
default: "token"
|
||||||
|
type: str
|
||||||
|
choices: ["token", "userpass", "github", "ldap", "approle"]
|
||||||
|
login_mount_point:
|
||||||
|
description:
|
||||||
|
- Authentication mount point.
|
||||||
|
- You can use C(VAULT_LOGIN_MOUNT_POINT) environment variable.
|
||||||
|
type: str
|
||||||
|
token:
|
||||||
|
description:
|
||||||
|
- Token for vault.
|
||||||
|
- You can use C(VAULT_TOKEN) environment variable.
|
||||||
|
type: str
|
||||||
|
username:
|
||||||
|
description:
|
||||||
|
- Username to login to vault.
|
||||||
|
- You can use C(VAULT_USER) environment variable.
|
||||||
|
default: ""
|
||||||
|
type: str
|
||||||
|
password:
|
||||||
|
description:
|
||||||
|
- Password to login to vault.
|
||||||
|
- You can use C(VAULT_PASSWORD) environment variable.
|
||||||
|
type: str
|
||||||
|
role_id:
|
||||||
|
description:
|
||||||
|
- Role id for vault.
|
||||||
|
- You can use C(VAULT_ROLE_ID) environment variable.
|
||||||
|
type: str
|
||||||
|
secret_id:
|
||||||
|
description:
|
||||||
|
- Secret id for vault.
|
||||||
|
- You can use C(VAULT_SECRET_ID) environment variable.
|
||||||
|
type: str
|
||||||
|
aws_header:
|
||||||
|
description:
|
||||||
|
- X-Vault-AWS-IAM-Server-ID Header value to prevent replay attacks.
|
||||||
|
- You can use C(VAULT_AWS_HEADER) environment variable.
|
||||||
|
type: str
|
||||||
|
namespace:
|
||||||
|
description:
|
||||||
|
- Namespace for vault.
|
||||||
|
- You can use C(VAULT_NAMESPACE) environment variable.
|
||||||
|
type: str
|
||||||
|
"""
|
Loading…
Reference in New Issue
Block a user