feat: add hashivault_unseal module #5
@ -17,7 +17,7 @@ local PythonVersion(pyversion='3.8') = {
|
||||
local AnsibleVersion(version='devel') = {
|
||||
local gitversion = if version == 'devel' then 'devel' else 'stable-' + version,
|
||||
name: 'ansible-' + std.strReplace(version, '.', ''),
|
||||
image: 'python:3.9',
|
||||
image: 'python:3.10',
|
||||
environment: {
|
||||
PY_COLORS: 1,
|
||||
},
|
||||
@ -106,8 +106,8 @@ local PipelineSanityTest = {
|
||||
},
|
||||
steps: [
|
||||
AnsibleVersion(version='devel'),
|
||||
AnsibleVersion(version='2.15'),
|
||||
AnsibleVersion(version='2.14'),
|
||||
AnsibleVersion(version='2.13'),
|
||||
],
|
||||
depends_on: [
|
||||
'unit-test',
|
||||
|
16
.drone.yml
16
.drone.yml
@ -108,7 +108,7 @@ workspace:
|
||||
|
||||
steps:
|
||||
- name: ansible-devel
|
||||
image: python:3.9
|
||||
image: python:3.10
|
||||
commands:
|
||||
- pip install poetry -qq
|
||||
- poetry install
|
||||
@ -120,12 +120,12 @@ steps:
|
||||
depends_on:
|
||||
- clone
|
||||
|
||||
- name: ansible-214
|
||||
image: python:3.9
|
||||
- name: ansible-215
|
||||
image: python:3.10
|
||||
commands:
|
||||
- pip install poetry -qq
|
||||
- poetry install
|
||||
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.14.tar.gz --disable-pip-version-check
|
||||
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.15.tar.gz --disable-pip-version-check
|
||||
- poetry run ansible --version
|
||||
- poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9
|
||||
environment:
|
||||
@ -133,12 +133,12 @@ steps:
|
||||
depends_on:
|
||||
- clone
|
||||
|
||||
- name: ansible-213
|
||||
image: python:3.9
|
||||
- name: ansible-214
|
||||
image: python:3.10
|
||||
commands:
|
||||
- pip install poetry -qq
|
||||
- poetry install
|
||||
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.13.tar.gz --disable-pip-version-check
|
||||
- poetry run pip install https://github.com/ansible/ansible/archive/stable-2.14.tar.gz --disable-pip-version-check
|
||||
- poetry run ansible --version
|
||||
- poetry run ansible-test sanity --exclude .chglog/ --exclude .drone.yml --python 3.9
|
||||
environment:
|
||||
@ -279,6 +279,6 @@ depends_on:
|
||||
|
||||
---
|
||||
kind: signature
|
||||
hmac: 440b43b8ce15d152c7abdd936c77b25aeb978c5f63e7f7ac9895063afbdba384
|
||||
hmac: d60a76cb5820c26f16756634312756f06a51c55d81aad7e863c6925a43ae2346
|
||||
|
||||
...
|
||||
|
107
plugins/doc_fragments/hashivault.py
Normal file
107
plugins/doc_fragments/hashivault.py
Normal file
@ -0,0 +1,107 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
"""Implement documentation fragment for Hashivault module."""
|
||||
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
|
||||
__metaclass__ = type
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
# Standard documentation
|
||||
DOCUMENTATION = r"""
|
||||
requirements:
|
||||
- hvac>=0.10.1
|
||||
- ansible>=2.0.0
|
||||
- requests
|
||||
options:
|
||||
url:
|
||||
description:
|
||||
- URL of the Vault server.
|
||||
- You can use C(VAULT_ADDR) environment variable.
|
||||
default: ""
|
||||
type: str
|
||||
ca_cert:
|
||||
description:
|
||||
- Path to a PEM-encoded CA cert file to use to verify the Vault server
|
||||
TLS certificate.
|
||||
- You can use C(VAULT_CACERT) environment variable.
|
||||
default: ""
|
||||
type: str
|
||||
ca_path:
|
||||
description:
|
||||
- Path to a directory of PEM-encoded CA cert files to verify the Vault server
|
||||
TLS certificate. If ca_cert is specified, its value will take precedence.
|
||||
- You can use C(VAULT_CAPATH) environment variable.
|
||||
default: ""
|
||||
type: str
|
||||
client_cert:
|
||||
description:
|
||||
- Path to a PEM-encoded client certificate for TLS authentication to the Vault
|
||||
server.
|
||||
- You can use C(VAULT_CLIENT_CERT) environment variable.
|
||||
default: ""
|
||||
type: str
|
||||
client_key:
|
||||
description:
|
||||
- Path to an unencrypted PEM-encoded private key matching the client certificate.
|
||||
- You can use C(VAULT_CLIENT_KEY) environment variable.
|
||||
default: ""
|
||||
type: str
|
||||
verify:
|
||||
description:
|
||||
- If set, do not verify presented TLS certificate before communicating with Vault
|
||||
server. Setting this variable is not recommended except during testing.
|
||||
- You can use C(VAULT_SKIP_VERIFY) environment variable.
|
||||
default: false
|
||||
type: bool
|
||||
authtype:
|
||||
description:
|
||||
- Authentication type.
|
||||
- You can use C(VAULT_AUTHTYPE) environment variable.
|
||||
default: "token"
|
||||
type: str
|
||||
choices: ["token", "userpass", "github", "ldap", "approle"]
|
||||
login_mount_point:
|
||||
description:
|
||||
- Authentication mount point.
|
||||
- You can use C(VAULT_LOGIN_MOUNT_POINT) environment variable.
|
||||
type: str
|
||||
token:
|
||||
description:
|
||||
- Token for vault.
|
||||
- You can use C(VAULT_TOKEN) environment variable.
|
||||
type: str
|
||||
username:
|
||||
description:
|
||||
- Username to login to vault.
|
||||
- You can use C(VAULT_USER) environment variable.
|
||||
default: ""
|
||||
type: str
|
||||
password:
|
||||
description:
|
||||
- Password to login to vault.
|
||||
- You can use C(VAULT_PASSWORD) environment variable.
|
||||
type: str
|
||||
role_id:
|
||||
description:
|
||||
- Role id for vault.
|
||||
- You can use C(VAULT_ROLE_ID) environment variable.
|
||||
type: str
|
||||
secret_id:
|
||||
description:
|
||||
- Secret id for vault.
|
||||
- You can use C(VAULT_SECRET_ID) environment variable.
|
||||
type: str
|
||||
aws_header:
|
||||
description:
|
||||
- X-Vault-AWS-IAM-Server-ID Header value to prevent replay attacks.
|
||||
- You can use C(VAULT_AWS_HEADER) environment variable.
|
||||
type: str
|
||||
namespace:
|
||||
description:
|
||||
- Namespace for vault.
|
||||
- You can use C(VAULT_NAMESPACE) environment variable.
|
||||
type: str
|
||||
"""
|
Loading…
Reference in New Issue
Block a user