mirror of https://github.com/ansible/ansible.git
Merge branch 'devel' of https://github.com/ansible/ansible-modules-extras into devel
Pavol Ipoth
9 years ago
commit
2be58bf100
@ -0,0 +1,137 @@
|
||||
#!/usr/bin/python
|
||||
# Copyright (c) 2016 Hewlett-Packard Enterprise Corporation
|
||||
#
|
||||
# This module is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This software is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this software. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
try:
|
||||
import shade
|
||||
HAS_SHADE = True
|
||||
except ImportError:
|
||||
HAS_SHADE = False
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: os_keystone_domain_facts
|
||||
short_description: Retrieve facts about one or more OpenStack domains
|
||||
extends_documentation_fragment: openstack
|
||||
version_added: "2.1"
|
||||
author: "Ricardo Carrillo Cruz (@rcarrillocruz)"
|
||||
description:
|
||||
- Retrieve facts about a one or more OpenStack domains
|
||||
requirements:
|
||||
- "python >= 2.6"
|
||||
- "shade"
|
||||
options:
|
||||
name:
|
||||
description:
|
||||
- Name or ID of the domain
|
||||
required: true
|
||||
filters:
|
||||
description:
|
||||
- A dictionary of meta data to use for further filtering. Elements of
|
||||
this dictionary may be additional dictionaries.
|
||||
required: false
|
||||
default: None
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
# Gather facts about previously created domain
|
||||
- os_keystone_domain_facts:
|
||||
cloud: awesomecloud
|
||||
- debug: var=openstack_domains
|
||||
|
||||
# Gather facts about a previously created domain by name
|
||||
- os_keystone_domain_facts:
|
||||
cloud: awesomecloud
|
||||
name: demodomain
|
||||
- debug: var=openstack_domains
|
||||
|
||||
# Gather facts about a previously created domain with filter
|
||||
- os_keystone_domain_facts
|
||||
cloud: awesomecloud
|
||||
name: demodomain
|
||||
filters:
|
||||
enabled: False
|
||||
- debug: var=openstack_domains
|
||||
'''
|
||||
|
||||
|
||||
RETURN = '''
|
||||
openstack_domains:
|
||||
description: has all the OpenStack facts about domains
|
||||
returned: always, but can be null
|
||||
type: complex
|
||||
contains:
|
||||
id:
|
||||
description: Unique UUID.
|
||||
returned: success
|
||||
type: string
|
||||
name:
|
||||
description: Name given to the domain.
|
||||
returned: success
|
||||
type: string
|
||||
description:
|
||||
description: Description of the domain.
|
||||
returned: success
|
||||
type: string
|
||||
enabled:
|
||||
description: Flag to indicate if the domain is enabled.
|
||||
returned: success
|
||||
type: bool
|
||||
'''
|
||||
|
||||
def main():
|
||||
|
||||
argument_spec = openstack_full_argument_spec(
|
||||
name=dict(required=False, default=None),
|
||||
filters=dict(required=False, type='dict', default=None),
|
||||
)
|
||||
module_kwargs = openstack_module_kwargs(
|
||||
mutually_exclusive=[
|
||||
['name', 'filters'],
|
||||
]
|
||||
)
|
||||
module = AnsibleModule(argument_spec, **module_kwargs)
|
||||
|
||||
if not HAS_SHADE:
|
||||
module.fail_json(msg='shade is required for this module')
|
||||
|
||||
try:
|
||||
name = module.params['name']
|
||||
filters = module.params['filters']
|
||||
|
||||
opcloud = shade.operator_cloud(**module.params)
|
||||
|
||||
if name:
|
||||
# Let's suppose user is passing domain ID
|
||||
try:
|
||||
domains = cloud.get_domain(name)
|
||||
except:
|
||||
domains = opcloud.search_domains(filters={'name': name})
|
||||
|
||||
else:
|
||||
domains = opcloud.search_domains(filters)
|
||||
|
||||
module.exit_json(changed=False, ansible_facts=dict(
|
||||
openstack_domains=domains))
|
||||
|
||||
except shade.OpenStackCloudException as e:
|
||||
module.fail_json(msg=str(e))
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
from ansible.module_utils.openstack import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
@ -0,0 +1,225 @@
|
||||
#!/usr/bin/python
|
||||
|
||||
# Copyright (c) 2016 IBM
|
||||
#
|
||||
# This module is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This software is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this software. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
try:
|
||||
import shade
|
||||
HAS_SHADE = True
|
||||
except ImportError:
|
||||
HAS_SHADE = False
|
||||
|
||||
DOCUMENTATION = '''
|
||||
module: os_port_facts
|
||||
short_description: Retrieve facts about ports within OpenStack.
|
||||
version_added: "2.1"
|
||||
author: "David Shrewsbury (@Shrews)"
|
||||
description:
|
||||
- Retrieve facts about ports from OpenStack.
|
||||
notes:
|
||||
- Facts are placed in the C(openstack_ports) variable.
|
||||
requirements:
|
||||
- "python >= 2.6"
|
||||
- "shade"
|
||||
options:
|
||||
port:
|
||||
description:
|
||||
- Unique name or ID of a port.
|
||||
required: false
|
||||
default: null
|
||||
filters:
|
||||
description:
|
||||
- A dictionary of meta data to use for further filtering. Elements
|
||||
of this dictionary will be matched against the returned port
|
||||
dictionaries. Matching is currently limited to strings within
|
||||
the port dictionary, or strings within nested dictionaries.
|
||||
required: false
|
||||
default: null
|
||||
extends_documentation_fragment: openstack
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
# Gather facts about all ports
|
||||
- os_port_facts:
|
||||
cloud: mycloud
|
||||
|
||||
# Gather facts about a single port
|
||||
- os_port_facts:
|
||||
cloud: mycloud
|
||||
port: 6140317d-e676-31e1-8a4a-b1913814a471
|
||||
|
||||
# Gather facts about all ports that have device_id set to a specific value
|
||||
# and with a status of ACTIVE.
|
||||
- os_port_facts:
|
||||
cloud: mycloud
|
||||
filters:
|
||||
device_id: 1038a010-3a37-4a9d-82ea-652f1da36597
|
||||
status: ACTIVE
|
||||
'''
|
||||
|
||||
RETURN = '''
|
||||
openstack_ports:
|
||||
description: List of port dictionaries. A subset of the dictionary keys
|
||||
listed below may be returned, depending on your cloud provider.
|
||||
returned: always, but can be null
|
||||
type: complex
|
||||
contains:
|
||||
admin_state_up:
|
||||
description: The administrative state of the router, which is
|
||||
up (true) or down (false).
|
||||
returned: success
|
||||
type: boolean
|
||||
sample: true
|
||||
allowed_address_pairs:
|
||||
description: A set of zero or more allowed address pairs. An
|
||||
address pair consists of an IP address and MAC address.
|
||||
returned: success
|
||||
type: list
|
||||
sample: []
|
||||
"binding:host_id":
|
||||
description: The UUID of the host where the port is allocated.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "b4bd682d-234a-4091-aa5b-4b025a6a7759"
|
||||
"binding:profile":
|
||||
description: A dictionary the enables the application running on
|
||||
the host to pass and receive VIF port-specific
|
||||
information to the plug-in.
|
||||
returned: success
|
||||
type: dict
|
||||
sample: {}
|
||||
"binding:vif_details":
|
||||
description: A dictionary that enables the application to pass
|
||||
information about functions that the Networking API
|
||||
provides.
|
||||
returned: success
|
||||
type: dict
|
||||
sample: {"port_filter": true}
|
||||
"binding:vif_type":
|
||||
description: The VIF type for the port.
|
||||
returned: success
|
||||
type: dict
|
||||
sample: "ovs"
|
||||
"binding:vnic_type":
|
||||
description: The virtual network interface card (vNIC) type that is
|
||||
bound to the neutron port.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "normal"
|
||||
device_id:
|
||||
description: The UUID of the device that uses this port.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "b4bd682d-234a-4091-aa5b-4b025a6a7759"
|
||||
device_owner:
|
||||
description: The UUID of the entity that uses this port.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "network:router_interface"
|
||||
dns_assignment:
|
||||
description: DNS assignment information.
|
||||
returned: success
|
||||
type: list
|
||||
dns_name:
|
||||
description: DNS name
|
||||
returned: success
|
||||
type: string
|
||||
sample: ""
|
||||
extra_dhcp_opts:
|
||||
description: A set of zero or more extra DHCP option pairs.
|
||||
An option pair consists of an option value and name.
|
||||
returned: success
|
||||
type: list
|
||||
sample: []
|
||||
fixed_ips:
|
||||
description: The IP addresses for the port. Includes the IP address
|
||||
and UUID of the subnet.
|
||||
returned: success
|
||||
type: list
|
||||
id:
|
||||
description: The UUID of the port.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "3ec25c97-7052-4ab8-a8ba-92faf84148de"
|
||||
ip_address:
|
||||
description: The IP address.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "127.0.0.1"
|
||||
mac_address:
|
||||
description: The MAC address.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "fa:16:30:5f:10:f1"
|
||||
name:
|
||||
description: The port name.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "port_name"
|
||||
network_id:
|
||||
description: The UUID of the attached network.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "dd1ede4f-3952-4131-aab6-3b8902268c7d"
|
||||
port_security_enabled:
|
||||
description: The port security status. The status is enabled (true) or disabled (false).
|
||||
returned: success
|
||||
type: boolean
|
||||
sample: false
|
||||
security_groups:
|
||||
description: The UUIDs of any attached security groups.
|
||||
returned: success
|
||||
type: list
|
||||
status:
|
||||
description: The port status.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "ACTIVE"
|
||||
tenant_id:
|
||||
description: The UUID of the tenant who owns the network.
|
||||
returned: success
|
||||
type: string
|
||||
sample: "51fce036d7984ba6af4f6c849f65ef00"
|
||||
'''
|
||||
|
||||
|
||||
def main():
|
||||
argument_spec = openstack_full_argument_spec(
|
||||
port=dict(required=False),
|
||||
filters=dict(type='dict', required=False),
|
||||
)
|
||||
module_kwargs = openstack_module_kwargs()
|
||||
module = AnsibleModule(argument_spec, **module_kwargs)
|
||||
|
||||
if not HAS_SHADE:
|
||||
module.fail_json(msg='shade is required for this module')
|
||||
|
||||
port = module.params.pop('port')
|
||||
filters = module.params.pop('filters')
|
||||
|
||||
try:
|
||||
cloud = shade.openstack_cloud(**module.params)
|
||||
ports = cloud.search_ports(port, filters)
|
||||
module.exit_json(changed=False, ansible_facts=dict(
|
||||
openstack_ports=ports))
|
||||
|
||||
except shade.OpenStackCloudException as e:
|
||||
module.fail_json(msg=str(e))
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
from ansible.module_utils.openstack import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
@ -0,0 +1,163 @@
|
||||
#!/usr/bin/python
|
||||
# Copyright (c) 2016 Hewlett-Packard Enterprise Corporation
|
||||
#
|
||||
# This module is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This software is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this software. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
try:
|
||||
import shade
|
||||
HAS_SHADE = True
|
||||
except ImportError:
|
||||
HAS_SHADE = False
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: os_project_facts
|
||||
short_description: Retrieve facts about one or more OpenStack projects
|
||||
extends_documentation_fragment: openstack
|
||||
version_added: "2.1"
|
||||
author: "Ricardo Carrillo Cruz (@rcarrillocruz)"
|
||||
description:
|
||||
- Retrieve facts about a one or more OpenStack projects
|
||||
requirements:
|
||||
- "python >= 2.6"
|
||||
- "shade"
|
||||
options:
|
||||
name:
|
||||
description:
|
||||
- Name or ID of the project
|
||||
required: true
|
||||
domain:
|
||||
description:
|
||||
- Name or ID of the domain containing the project if the cloud supports domains
|
||||
required: false
|
||||
default: None
|
||||
filters:
|
||||
description:
|
||||
- A dictionary of meta data to use for further filtering. Elements of
|
||||
this dictionary may be additional dictionaries.
|
||||
required: false
|
||||
default: None
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
# Gather facts about previously created projects
|
||||
- os_project_facts:
|
||||
cloud: awesomecloud
|
||||
- debug: var=openstack_projects
|
||||
|
||||
# Gather facts about a previously created project by name
|
||||
- os_project_facts:
|
||||
cloud: awesomecloud
|
||||
name: demoproject
|
||||
- debug: var=openstack_projects
|
||||
|
||||
# Gather facts about a previously created project in a specific domain
|
||||
- os_project_facts
|
||||
cloud: awesomecloud
|
||||
name: demoproject
|
||||
domain: admindomain
|
||||
- debug: var=openstack_projects
|
||||
|
||||
# Gather facts about a previously created project in a specific domain
|
||||
with filter
|
||||
- os_project_facts
|
||||
cloud: awesomecloud
|
||||
name: demoproject
|
||||
domain: admindomain
|
||||
filters:
|
||||
enabled: False
|
||||
- debug: var=openstack_projects
|
||||
'''
|
||||
|
||||
|
||||
RETURN = '''
|
||||
openstack_projects:
|
||||
description: has all the OpenStack facts about projects
|
||||
returned: always, but can be null
|
||||
type: complex
|
||||
contains:
|
||||
id:
|
||||
description: Unique UUID.
|
||||
returned: success
|
||||
type: string
|
||||
name:
|
||||
description: Name given to the project.
|
||||
returned: success
|
||||
type: string
|
||||
description:
|
||||
description: Description of the project
|
||||
returned: success
|
||||
type: string
|
||||
enabled:
|
||||
description: Flag to indicate if the project is enabled
|
||||
returned: success
|
||||
type: bool
|
||||
domain_id:
|
||||
description: Domain ID containing the project (keystone v3 clouds only)
|
||||
returned: success
|
||||
type: bool
|
||||
'''
|
||||
|
||||
def main():
|
||||
|
||||
argument_spec = openstack_full_argument_spec(
|
||||
name=dict(required=False, default=None),
|
||||
domain=dict(required=False, default=None),
|
||||
filters=dict(required=False, type='dict', default=None),
|
||||
)
|
||||
|
||||
module = AnsibleModule(argument_spec)
|
||||
|
||||
if not HAS_SHADE:
|
||||
module.fail_json(msg='shade is required for this module')
|
||||
|
||||
try:
|
||||
name = module.params['name']
|
||||
domain = module.params['domain']
|
||||
filters = module.params['filters']
|
||||
|
||||
opcloud = shade.operator_cloud(**module.params)
|
||||
|
||||
if domain:
|
||||
try:
|
||||
# We assume admin is passing domain id
|
||||
dom = opcloud.get_domain(domain)['id']
|
||||
domain = dom
|
||||
except:
|
||||
# If we fail, maybe admin is passing a domain name.
|
||||
# Note that domains have unique names, just like id.
|
||||
dom = opcloud.search_domains(filters={'name': domain})
|
||||
if dom:
|
||||
domain = dom[0]['id']
|
||||
else:
|
||||
module.fail_json(msg='Domain name or ID does not exist')
|
||||
|
||||
if not filters:
|
||||
filters = {}
|
||||
|
||||
filters['domain_id'] = domain
|
||||
|
||||
projects = opcloud.search_projects(name, filters)
|
||||
module.exit_json(changed=False, ansible_facts=dict(
|
||||
openstack_projects=projects))
|
||||
|
||||
except shade.OpenStackCloudException as e:
|
||||
module.fail_json(msg=str(e))
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
from ansible.module_utils.openstack import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
@ -0,0 +1,172 @@
|
||||
#!/usr/bin/python
|
||||
# Copyright (c) 2016 Hewlett-Packard Enterprise Corporation
|
||||
#
|
||||
# This module is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This software is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this software. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
try:
|
||||
import shade
|
||||
HAS_SHADE = True
|
||||
except ImportError:
|
||||
HAS_SHADE = False
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: os_user_facts
|
||||
short_description: Retrieve facts about one or more OpenStack users
|
||||
extends_documentation_fragment: openstack
|
||||
version_added: "2.1"
|
||||
author: "Ricardo Carrillo Cruz (@rcarrillocruz)"
|
||||
description:
|
||||
- Retrieve facts about a one or more OpenStack users
|
||||
requirements:
|
||||
- "python >= 2.6"
|
||||
- "shade"
|
||||
options:
|
||||
name:
|
||||
description:
|
||||
- Name or ID of the user
|
||||
required: true
|
||||
domain:
|
||||
description:
|
||||
- Name or ID of the domain containing the user if the cloud supports domains
|
||||
required: false
|
||||
default: None
|
||||
filters:
|
||||
description:
|
||||
- A dictionary of meta data to use for further filtering. Elements of
|
||||
this dictionary may be additional dictionaries.
|
||||
required: false
|
||||
default: None
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
# Gather facts about previously created users
|
||||
- os_user_facts:
|
||||
cloud: awesomecloud
|
||||
- debug: var=openstack_users
|
||||
|
||||
# Gather facts about a previously created user by name
|
||||
- os_user_facts:
|
||||
cloud: awesomecloud
|
||||
name: demouser
|
||||
- debug: var=openstack_users
|
||||
|
||||
# Gather facts about a previously created user in a specific domain
|
||||
- os_user_facts
|
||||
cloud: awesomecloud
|
||||
name: demouser
|
||||
domain: admindomain
|
||||
- debug: var=openstack_users
|
||||
|
||||
# Gather facts about a previously created user in a specific domain
|
||||
with filter
|
||||
- os_user_facts
|
||||
cloud: awesomecloud
|
||||
name: demouser
|
||||
domain: admindomain
|
||||
filters:
|
||||
enabled: False
|
||||
- debug: var=openstack_users
|
||||
'''
|
||||
|
||||
|
||||
RETURN = '''
|
||||
openstack_users:
|
||||
description: has all the OpenStack facts about users
|
||||
returned: always, but can be null
|
||||
type: complex
|
||||
contains:
|
||||
id:
|
||||
description: Unique UUID.
|
||||
returned: success
|
||||
type: string
|
||||
name:
|
||||
description: Name given to the user.
|
||||
returned: success
|
||||
type: string
|
||||
enabled:
|
||||
description: Flag to indicate if the user is enabled
|
||||
returned: success
|
||||
type: bool
|
||||
domain_id:
|
||||
description: Domain ID containing the user
|
||||
returned: success
|
||||
type: string
|
||||
default_project_id:
|
||||
description: Default project ID of the user
|
||||
returned: success
|
||||
type: string
|
||||
email:
|
||||
description: Email of the user
|
||||
returned: success
|
||||
type: string
|
||||
username:
|
||||
description: Username of the user
|
||||
returned: success
|
||||
type: string
|
||||
'''
|
||||
|
||||
def main():
|
||||
|
||||
argument_spec = openstack_full_argument_spec(
|
||||
name=dict(required=False, default=None),
|
||||
domain=dict(required=False, default=None),
|
||||
filters=dict(required=False, type='dict', default=None),
|
||||
)
|
||||
|
||||
module = AnsibleModule(argument_spec)
|
||||
|
||||
if not HAS_SHADE:
|
||||
module.fail_json(msg='shade is required for this module')
|
||||
|
||||
try:
|
||||
name = module.params['name']
|
||||
domain = module.params['domain']
|
||||
filters = module.params['filters']
|
||||
|
||||
opcloud = shade.operator_cloud(**module.params)
|
||||
|
||||
if domain:
|
||||
try:
|
||||
# We assume admin is passing domain id
|
||||
dom = opcloud.get_domain(domain)['id']
|
||||
domain = dom
|
||||
except:
|
||||
# If we fail, maybe admin is passing a domain name.
|
||||
# Note that domains have unique names, just like id.
|
||||
dom = opcloud.search_domains(filters={'name': domain})
|
||||
if dom:
|
||||
domain = dom[0]['id']
|
||||
else:
|
||||
module.fail_json(msg='Domain name or ID does not exist')
|
||||
|
||||
if not filters:
|
||||
filters = {}
|
||||
|
||||
filters['domain_id'] = domain
|
||||
|
||||
users = opcloud.search_users(name,
|
||||
filters)
|
||||
module.exit_json(changed=False, ansible_facts=dict(
|
||||
openstack_users=users))
|
||||
|
||||
except shade.OpenStackCloudException as e:
|
||||
module.fail_json(msg=str(e))
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
from ansible.module_utils.openstack import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
@ -0,0 +1,215 @@
|
||||
#!/usr/bin/python
|
||||
# (c) 2015, Werner Dijkerman (ikben@werner-dijkerman.nl)
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: gitlab_group
|
||||
short_description: Creates/updates/deletes Gitlab Groups
|
||||
description:
|
||||
- When the group does not exists in Gitlab, it will be created.
|
||||
- When the group does exists and state=absent, the group will be deleted.
|
||||
version_added: "2.1"
|
||||
author: "Werner Dijkerman (@dj-wasabi)"
|
||||
requirements:
|
||||
- pyapi-gitlab python module
|
||||
options:
|
||||
server_url:
|
||||
description:
|
||||
- Url of Gitlab server, with protocol (http or https).
|
||||
required: true
|
||||
validate_certs:
|
||||
description:
|
||||
- When using https if SSL certificate needs to be verified.
|
||||
required: false
|
||||
default: true
|
||||
aliases:
|
||||
- verify_ssl
|
||||
login_user:
|
||||
description:
|
||||
- Gitlab user name.
|
||||
required: false
|
||||
default: null
|
||||
login_password:
|
||||
description:
|
||||
- Gitlab password for login_user
|
||||
required: false
|
||||
default: null
|
||||
login_token:
|
||||
description:
|
||||
- Gitlab token for logging in.
|
||||
required: false
|
||||
default: null
|
||||
name:
|
||||
description:
|
||||
- Name of the group you want to create.
|
||||
required: true
|
||||
path:
|
||||
description:
|
||||
- The path of the group you want to create, this will be server_url/group_path
|
||||
- If not supplied, the group_name will be used.
|
||||
required: false
|
||||
default: null
|
||||
state:
|
||||
description:
|
||||
- create or delete group.
|
||||
- Possible values are present and absent.
|
||||
required: false
|
||||
default: "present"
|
||||
choices: ["present", "absent"]
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
- name: "Delete Gitlab Group"
|
||||
local_action: gitlab_group
|
||||
server_url="http://gitlab.dj-wasabi.local"
|
||||
validate_certs=false
|
||||
login_token="WnUzDsxjy8230-Dy_k"
|
||||
name=my_first_group
|
||||
state=absent
|
||||
|
||||
- name: "Create Gitlab Group"
|
||||
local_action: gitlab_group
|
||||
server_url="https://gitlab.dj-wasabi.local"
|
||||
validate_certs=true
|
||||
login_user=dj-wasabi
|
||||
login_password="MySecretPassword"
|
||||
name=my_first_group
|
||||
path=my_first_group
|
||||
state=present
|
||||
'''
|
||||
|
||||
RETURN = '''# '''
|
||||
|
||||
try:
|
||||
import gitlab
|
||||
HAS_GITLAB_PACKAGE = True
|
||||
except:
|
||||
HAS_GITLAB_PACKAGE = False
|
||||
|
||||
|
||||
class GitLabGroup(object):
|
||||
def __init__(self, module, git):
|
||||
self._module = module
|
||||
self._gitlab = git
|
||||
|
||||
def createGroup(self, group_name, group_path):
|
||||
if self._module.check_mode:
|
||||
self._module.exit_json(changed=True)
|
||||
return self._gitlab.creategroup(group_name, group_path)
|
||||
|
||||
def deleteGroup(self, group_name):
|
||||
is_group_empty = True
|
||||
group_id = self.idGroup(group_name)
|
||||
|
||||
for project in self._gitlab.getall(self._gitlab.getprojects):
|
||||
owner = project['namespace']['name']
|
||||
if owner == group_name:
|
||||
is_group_empty = False
|
||||
|
||||
if is_group_empty:
|
||||
if self._module.check_mode:
|
||||
self._module.exit_json(changed=True)
|
||||
return self._gitlab.deletegroup(group_id)
|
||||
else:
|
||||
self._module.fail_json(msg="There are still projects in this group. These needs to be moved or deleted before this group can be removed.")
|
||||
|
||||
def existsGroup(self, group_name):
|
||||
for group in self._gitlab.getall(self._gitlab.getgroups):
|
||||
if group['name'] == group_name:
|
||||
return True
|
||||
return False
|
||||
|
||||
def idGroup(self, group_name):
|
||||
for group in self._gitlab.getall(self._gitlab.getgroups):
|
||||
if group['name'] == group_name:
|
||||
return group['id']
|
||||
|
||||
|
||||
def main():
|
||||
module = AnsibleModule(
|
||||
argument_spec=dict(
|
||||
server_url=dict(required=True),
|
||||
validate_certs=dict(required=False, default=True, type=bool, aliases=['verify_ssl']),
|
||||
login_user=dict(required=False, no_log=True),
|
||||
login_password=dict(required=False, no_log=True),
|
||||
login_token=dict(required=False, no_log=True),
|
||||
name=dict(required=True),
|
||||
path=dict(required=False),
|
||||
state=dict(default="present", choices=["present", "absent"]),
|
||||
),
|
||||
supports_check_mode=True
|
||||
)
|
||||
|
||||
if not HAS_GITLAB_PACKAGE:
|
||||
module.fail_json(msg="Missing requried gitlab module (check docs or install with: pip install pyapi-gitlab")
|
||||
|
||||
server_url = module.params['server_url']
|
||||
verify_ssl = module.params['validate_certs']
|
||||
login_user = module.params['login_user']
|
||||
login_password = module.params['login_password']
|
||||
login_token = module.params['login_token']
|
||||
group_name = module.params['name']
|
||||
group_path = module.params['path']
|
||||
state = module.params['state']
|
||||
|
||||
# We need both login_user and login_password or login_token, otherwise we fail.
|
||||
if login_user is not None and login_password is not None:
|
||||
use_credentials = True
|
||||
elif login_token is not None:
|
||||
use_credentials = False
|
||||
else:
|
||||
module.fail_json(msg="No login credentials are given. Use login_user with login_password, or login_token")
|
||||
|
||||
# Set group_path to group_name if it is empty.
|
||||
if group_path is None:
|
||||
group_path = group_name.replace(" ", "_")
|
||||
|
||||
# Lets make an connection to the Gitlab server_url, with either login_user and login_password
|
||||
# or with login_token
|
||||
try:
|
||||
if use_credentials:
|
||||
git = gitlab.Gitlab(host=server_url)
|
||||
git.login(user=login_user, password=login_password)
|
||||
else:
|
||||
git = gitlab.Gitlab(server_url, token=login_token, verify_ssl=verify_ssl)
|
||||
except Exception, e:
|
||||
module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
|
||||
|
||||
# Validate if group exists and take action based on "state"
|
||||
group = GitLabGroup(module, git)
|
||||
group_name = group_name.lower()
|
||||
group_exists = group.existsGroup(group_name)
|
||||
|
||||
if group_exists and state == "absent":
|
||||
group.deleteGroup(group_name)
|
||||
module.exit_json(changed=True, result="Successfully deleted group %s" % group_name)
|
||||
else:
|
||||
if state == "absent":
|
||||
module.exit_json(changed=False, result="Group deleted or does not exists")
|
||||
else:
|
||||
if group_exists:
|
||||
module.exit_json(changed=False)
|
||||
else:
|
||||
if group.createGroup(group_name, group_path):
|
||||
module.exit_json(changed=True, result="Successfully created or updated the group %s" % group_name)
|
||||
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
@ -0,0 +1,397 @@
|
||||
#!/usr/bin/python
|
||||
# (c) 2015, Werner Dijkerman (ikben@werner-dijkerman.nl)
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: gitlab_project
|
||||
short_description: Creates/updates/deletes Gitlab Projects
|
||||
description:
|
||||
- When the project does not exists in Gitlab, it will be created.
|
||||
- When the project does exists and state=absent, the project will be deleted.
|
||||
- When changes are made to the project, the project will be updated.
|
||||
version_added: "2.1"
|
||||
author: "Werner Dijkerman (@dj-wasabi)"
|
||||
requirements:
|
||||
- pyapi-gitlab python module
|
||||
options:
|
||||
server_url:
|
||||
description:
|
||||
- Url of Gitlab server, with protocol (http or https).
|
||||
required: true
|
||||
validate_certs:
|
||||
description:
|
||||
- When using https if SSL certificate needs to be verified.
|
||||
required: false
|
||||
default: true
|
||||
aliases:
|
||||
- verify_ssl
|
||||
login_user:
|
||||
description:
|
||||
- Gitlab user name.
|
||||
required: false
|
||||
default: null
|
||||
login_password:
|
||||
description:
|
||||
- Gitlab password for login_user
|
||||
required: false
|
||||
default: null
|
||||
login_token:
|
||||
description:
|
||||
- Gitlab token for logging in.
|
||||
required: false
|
||||
default: null
|
||||
group:
|
||||
description:
|
||||
- The name of the group of which this projects belongs to.
|
||||
- When not provided, project will belong to user which is configured in 'login_user' or 'login_token'
|
||||
- When provided with username, project will be created for this user. 'login_user' or 'login_token' needs admin rights.
|
||||
required: false
|
||||
default: null
|
||||
name:
|
||||
description:
|
||||
- The name of the project
|
||||
required: true
|
||||
path:
|
||||
description:
|
||||
- The path of the project you want to create, this will be server_url/<group>/path
|
||||
- If not supplied, name will be used.
|
||||
required: false
|
||||
default: null
|
||||
description:
|
||||
description:
|
||||
- An description for the project.
|
||||
required: false
|
||||
default: null
|
||||
issues_enabled:
|
||||
description:
|
||||
- Whether you want to create issues or not.
|
||||
- Possible values are true and false.
|
||||
required: false
|
||||
default: true
|
||||
merge_requests_enabled:
|
||||
description:
|
||||
- If merge requests can be made or not.
|
||||
- Possible values are true and false.
|
||||
required: false
|
||||
default: true
|
||||
wiki_enabled:
|
||||
description:
|
||||
- If an wiki for this project should be available or not.
|
||||
- Possible values are true and false.
|
||||
required: false
|
||||
default: true
|
||||
snippets_enabled:
|
||||
description:
|
||||
- If creating snippets should be available or not.
|
||||
- Possible values are true and false.
|
||||
required: false
|
||||
default: true
|
||||
public:
|
||||
description:
|
||||
- If the project is public available or not.
|
||||
- Setting this to true is same as setting visibility_level to 20.
|
||||
- Possible values are true and false.
|
||||
required: false
|
||||
default: false
|
||||
visibility_level:
|
||||
description:
|
||||
- Private. visibility_level is 0. Project access must be granted explicitly for each user.
|
||||
- Internal. visibility_level is 10. The project can be cloned by any logged in user.
|
||||
- Public. visibility_level is 20. The project can be cloned without any authentication.
|
||||
- Possible values are 0, 10 and 20.
|
||||
required: false
|
||||
default: 0
|
||||
import_url:
|
||||
description:
|
||||
- Git repository which will me imported into gitlab.
|
||||
- Gitlab server needs read access to this git repository.
|
||||
required: false
|
||||
default: false
|
||||
state:
|
||||
description:
|
||||
- create or delete project.
|
||||
- Possible values are present and absent.
|
||||
required: false
|
||||
default: "present"
|
||||
choices: ["present", "absent"]
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
- name: "Delete Gitlab Project"
|
||||
local_action: gitlab_project
|
||||
server_url="http://gitlab.dj-wasabi.local"
|
||||
validate_certs=false
|
||||
login_token="WnUzDsxjy8230-Dy_k"
|
||||
name=my_first_project
|
||||
state=absent
|
||||
|
||||
- name: "Create Gitlab Project in group Ansible"
|
||||
local_action: gitlab_project
|
||||
server_url="https://gitlab.dj-wasabi.local"
|
||||
validate_certs=true
|
||||
login_user=dj-wasabi
|
||||
login_password="MySecretPassword"
|
||||
name=my_first_project
|
||||
group=ansible
|
||||
issues_enabled=false
|
||||
wiki_enabled=true
|
||||
snippets_enabled=true
|
||||
import_url="http://git.example.com/example/lab.git"
|
||||
state=present
|
||||
'''
|
||||
|
||||
RETURN = '''# '''
|
||||
|
||||
try:
|
||||
import gitlab
|
||||
HAS_GITLAB_PACKAGE = True
|
||||
except:
|
||||
HAS_GITLAB_PACKAGE = False
|
||||
|
||||
|
||||
class GitLabProject(object):
|
||||
def __init__(self, module, git):
|
||||
self._module = module
|
||||
self._gitlab = git
|
||||
|
||||
def createOrUpdateProject(self, project_exists, group_name, import_url, arguments):
|
||||
is_user = False
|
||||
group_id = self.getGroupId(group_name)
|
||||
if not group_id:
|
||||
group_id = self.getUserId(group_name)
|
||||
is_user = True
|
||||
|
||||
if project_exists:
|
||||
# Edit project
|
||||
return self.updateProject(group_name, arguments)
|
||||
else:
|
||||
# Create project
|
||||
if self._module.check_mode:
|
||||
self._module.exit_json(changed=True)
|
||||
return self.createProject(is_user, group_id, import_url, arguments)
|
||||
|
||||
def createProject(self, is_user, user_id, import_url, arguments):
|
||||
if is_user:
|
||||
return self._gitlab.createprojectuser(user_id=user_id, import_url=import_url, **arguments)
|
||||
else:
|
||||
group_id = user_id
|
||||
return self._gitlab.createproject(namespace_id=group_id, import_url=import_url, **arguments)
|
||||
|
||||
def deleteProject(self, group_name, project_name):
|
||||
if self.existsGroup(group_name):
|
||||
project_owner = group_name
|
||||
else:
|
||||
project_owner = self._gitlab.currentuser()['username']
|
||||
|
||||
search_results = self._gitlab.searchproject(search=project_name)
|
||||
for result in search_results:
|
||||
owner = result['namespace']['name']
|
||||
if owner == project_owner:
|
||||
return self._gitlab.deleteproject(result['id'])
|
||||
|
||||
def existsProject(self, group_name, project_name):
|
||||
if self.existsGroup(group_name):
|
||||
project_owner = group_name
|
||||
else:
|
||||
project_owner = self._gitlab.currentuser()['username']
|
||||
|
||||
search_results = self._gitlab.searchproject(search=project_name)
|
||||
for result in search_results:
|
||||
owner = result['namespace']['name']
|
||||
if owner == project_owner:
|
||||
return True
|
||||
return False
|
||||
|
||||
def existsGroup(self, group_name):
|
||||
if group_name is not None:
|
||||
# Find the group, if group not exists we try for user
|
||||
for group in self._gitlab.getall(self._gitlab.getgroups):
|
||||
if group['name'] == group_name:
|
||||
return True
|
||||
|
||||
user_name = group_name
|
||||
user_data = self._gitlab.getusers(search=user_name)
|
||||
for data in user_data:
|
||||
if 'id' in user_data:
|
||||
return True
|
||||
return False
|
||||
|
||||
def getGroupId(self, group_name):
|
||||
if group_name is not None:
|
||||
# Find the group, if group not exists we try for user
|
||||
for group in self._gitlab.getall(self._gitlab.getgroups):
|
||||
if group['name'] == group_name:
|
||||
return group['id']
|
||||
|
||||
def getProjectId(self, group_name, project_name):
|
||||
if self.existsGroup(group_name):
|
||||
project_owner = group_name
|
||||
else:
|
||||
project_owner = self._gitlab.currentuser()['username']
|
||||
|
||||
search_results = self._gitlab.searchproject(search=project_name)
|
||||
for result in search_results:
|
||||
owner = result['namespace']['name']
|
||||
if owner == project_owner:
|
||||
return result['id']
|
||||
|
||||
def getUserId(self, user_name):
|
||||
user_data = self._gitlab.getusers(search=user_name)
|
||||
|
||||
for data in user_data:
|
||||
if 'id' in data:
|
||||
return data['id']
|
||||
return self._gitlab.currentuser()['id']
|
||||
|
||||
def to_bool(self, value):
|
||||
if value:
|
||||
return 1
|
||||
else:
|
||||
return 0
|
||||
|
||||
def updateProject(self, group_name, arguments):
|
||||
project_changed = False
|
||||
project_name = arguments['name']
|
||||
project_id = self.getProjectId(group_name, project_name)
|
||||
project_data = self._gitlab.getproject(project_id=project_id)
|
||||
|
||||
for arg_key, arg_value in arguments.items():
|
||||
project_data_value = project_data[arg_key]
|
||||
|
||||
if isinstance(project_data_value, bool) or project_data_value is None:
|
||||
to_bool = self.to_bool(project_data_value)
|
||||
if to_bool != arg_value:
|
||||
project_changed = True
|
||||
continue
|
||||
else:
|
||||
if project_data_value != arg_value:
|
||||
project_changed = True
|
||||
|
||||
if project_changed:
|
||||
if self._module.check_mode:
|
||||
self._module.exit_json(changed=True)
|
||||
return self._gitlab.editproject(project_id=project_id, **arguments)
|
||||
else:
|
||||
return False
|
||||
|
||||
|
||||
def main():
|
||||
module = AnsibleModule(
|
||||
argument_spec=dict(
|
||||
server_url=dict(required=True),
|
||||
validate_certs=dict(required=False, default=True, type=bool, aliases=['verify_ssl']),
|
||||
login_user=dict(required=False, no_log=True),
|
||||
login_password=dict(required=False, no_log=True),
|
||||
login_token=dict(required=False, no_log=True),
|
||||
group=dict(required=False),
|
||||
name=dict(required=True),
|
||||
path=dict(required=False),
|
||||
description=dict(required=False),
|
||||
issues_enabled=dict(default=True, type=bool),
|
||||
merge_requests_enabled=dict(default=True, type=bool),
|
||||
wiki_enabled=dict(default=True, type=bool),
|
||||
snippets_enabled=dict(default=True, type=bool),
|
||||
public=dict(default=False, type=bool),
|
||||
visibility_level=dict(default="0", choices=["0", "10", "20"]),
|
||||
import_url=dict(required=False),
|
||||
state=dict(default="present", choices=["present", 'absent']),
|
||||
),
|
||||
supports_check_mode=True
|
||||
)
|
||||
|
||||
if not HAS_GITLAB_PACKAGE:
|
||||
module.fail_json(msg="Missing required gitlab module (check docs or install with: pip install pyapi-gitlab")
|
||||
|
||||
server_url = module.params['server_url']
|
||||
verify_ssl = module.params['validate_certs']
|
||||
login_user = module.params['login_user']
|
||||
login_password = module.params['login_password']
|
||||
login_token = module.params['login_token']
|
||||
group_name = module.params['group']
|
||||
project_name = module.params['name']
|
||||
project_path = module.params['path']
|
||||
description = module.params['description']
|
||||
issues_enabled = module.params['issues_enabled']
|
||||
merge_requests_enabled = module.params['merge_requests_enabled']
|
||||
wiki_enabled = module.params['wiki_enabled']
|
||||
snippets_enabled = module.params['snippets_enabled']
|
||||
public = module.params['public']
|
||||
visibility_level = module.params['visibility_level']
|
||||
import_url = module.params['import_url']
|
||||
state = module.params['state']
|
||||
|
||||
# We need both login_user and login_password or login_token, otherwise we fail.
|
||||
if login_user is not None and login_password is not None:
|
||||
use_credentials = True
|
||||
elif login_token is not None:
|
||||
use_credentials = False
|
||||
else:
|
||||
module.fail_json(msg="No login credentials are given. Use login_user with login_password, or login_token")
|
||||
|
||||
# Set project_path to project_name if it is empty.
|
||||
if project_path is None:
|
||||
project_path = project_name.replace(" ", "_")
|
||||
|
||||
# Gitlab API makes no difference between upper and lower cases, so we lower them.
|
||||
project_name = project_name.lower()
|
||||
project_path = project_path.lower()
|
||||
if group_name is not None:
|
||||
group_name = group_name.lower()
|
||||
|
||||
# Lets make an connection to the Gitlab server_url, with either login_user and login_password
|
||||
# or with login_token
|
||||
try:
|
||||
if use_credentials:
|
||||
git = gitlab.Gitlab(host=server_url)
|
||||
git.login(user=login_user, password=login_password)
|
||||
else:
|
||||
git = gitlab.Gitlab(server_url, token=login_token, verify_ssl=verify_ssl)
|
||||
except Exception, e:
|
||||
module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
|
||||
|
||||
# Validate if project exists and take action based on "state"
|
||||
project = GitLabProject(module, git)
|
||||
project_exists = project.existsProject(group_name, project_name)
|
||||
|
||||
# Creating the project dict
|
||||
arguments = {"name": project_name,
|
||||
"path": project_path,
|
||||
"description": description,
|
||||
"issues_enabled": project.to_bool(issues_enabled),
|
||||
"merge_requests_enabled": project.to_bool(merge_requests_enabled),
|
||||
"wiki_enabled": project.to_bool(wiki_enabled),
|
||||
"snippets_enabled": project.to_bool(snippets_enabled),
|
||||
"public": project.to_bool(public),
|
||||
"visibility_level": int(visibility_level)}
|
||||
|
||||
if project_exists and state == "absent":
|
||||
project.deleteProject(group_name, project_name)
|
||||
module.exit_json(changed=True, result="Successfully deleted project %s" % project_name)
|
||||
else:
|
||||
if state == "absent":
|
||||
module.exit_json(changed=False, result="Project deleted or does not exists")
|
||||
else:
|
||||
if project.createOrUpdateProject(project_exists, group_name, import_url, arguments):
|
||||
module.exit_json(changed=True, result="Successfully created or updated the project %s" % project_name)
|
||||
else:
|
||||
module.exit_json(changed=False)
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
@ -0,0 +1,348 @@
|
||||
#!/usr/bin/python
|
||||
# (c) 2015, Werner Dijkerman (ikben@werner-dijkerman.nl)
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: gitlab_user
|
||||
short_description: Creates/updates/deletes Gitlab Users
|
||||
description:
|
||||
- When the user does not exists in Gitlab, it will be created.
|
||||
- When the user does exists and state=absent, the user will be deleted.
|
||||
- When changes are made to user, the user will be updated.
|
||||
version_added: "2.1"
|
||||
author: "Werner Dijkerman (@dj-wasabi)"
|
||||
requirements:
|
||||
- pyapi-gitlab python module
|
||||
options:
|
||||
server_url:
|
||||
description:
|
||||
- Url of Gitlab server, with protocol (http or https).
|
||||
required: true
|
||||
validate_certs:
|
||||
description:
|
||||
- When using https if SSL certificate needs to be verified.
|
||||
required: false
|
||||
default: true
|
||||
aliases:
|
||||
- verify_ssl
|
||||
login_user:
|
||||
description:
|
||||
- Gitlab user name.
|
||||
required: false
|
||||
default: null
|
||||
login_password:
|
||||
description:
|
||||
- Gitlab password for login_user
|
||||
required: false
|
||||
default: null
|
||||
login_token:
|
||||
description:
|
||||
- Gitlab token for logging in.
|
||||
required: false
|
||||
default: null
|
||||
name:
|
||||
description:
|
||||
- Name of the user you want to create
|
||||
required: true
|
||||
username:
|
||||
description:
|
||||
- The username of the user.
|
||||
required: true
|
||||
password:
|
||||
description:
|
||||
- The password of the user.
|
||||
required: true
|
||||
email:
|
||||
description:
|
||||
- The email that belongs to the user.
|
||||
required: true
|
||||
sshkey_name:
|
||||
description:
|
||||
- The name of the sshkey
|
||||
required: false
|
||||
default: null
|
||||
sshkey_file:
|
||||
description:
|
||||
- The ssh key itself.
|
||||
required: false
|
||||
default: null
|
||||
group:
|
||||
description:
|
||||
- Add user as an member to this group.
|
||||
required: false
|
||||
default: null
|
||||
access_level:
|
||||
description:
|
||||
- The access level to the group. One of the following can be used.
|
||||
- guest
|
||||
- reporter
|
||||
- developer
|
||||
- master
|
||||
- owner
|
||||
required: false
|
||||
default: null
|
||||
state:
|
||||
description:
|
||||
- create or delete group.
|
||||
- Possible values are present and absent.
|
||||
required: false
|
||||
default: present
|
||||
choices: ["present", "absent"]
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
- name: "Delete Gitlab User"
|
||||
local_action: gitlab_user
|
||||
server_url="http://gitlab.dj-wasabi.local"
|
||||
validate_certs=false
|
||||
login_token="WnUzDsxjy8230-Dy_k"
|
||||
username=myusername
|
||||
state=absent
|
||||
|
||||
- name: "Create Gitlab User"
|
||||
local_action: gitlab_user
|
||||
server_url="https://gitlab.dj-wasabi.local"
|
||||
validate_certs=true
|
||||
login_user=dj-wasabi
|
||||
login_password="MySecretPassword"
|
||||
name=My Name
|
||||
username=myusername
|
||||
password=mysecretpassword
|
||||
email=me@home.com
|
||||
sshkey_name=MySSH
|
||||
sshkey_file=ssh-rsa AAAAB3NzaC1yc...
|
||||
state=present
|
||||
'''
|
||||
|
||||
RETURN = '''# '''
|
||||
|
||||
try:
|
||||
import gitlab
|
||||
HAS_GITLAB_PACKAGE = True
|
||||
except:
|
||||
HAS_GITLAB_PACKAGE = False
|
||||
|
||||
|
||||
class GitLabUser(object):
|
||||
def __init__(self, module, git):
|
||||
self._module = module
|
||||
self._gitlab = git
|
||||
|
||||
def addToGroup(self, group_id, user_id, access_level):
|
||||
if access_level == "guest":
|
||||
level = 10
|
||||
elif access_level == "reporter":
|
||||
level = 20
|
||||
elif access_level == "developer":
|
||||
level = 30
|
||||
elif access_level == "master":
|
||||
level = 40
|
||||
elif access_level == "owner":
|
||||
level = 50
|
||||
return self._gitlab.addgroupmember(group_id, user_id, level)
|
||||
|
||||
def createOrUpdateUser(self, user_name, user_username, user_password, user_email, user_sshkey_name, user_sshkey_file, group_name, access_level):
|
||||
group_id = ''
|
||||
arguments = {"name": user_name,
|
||||
"username": user_username,
|
||||
"email": user_email}
|
||||
|
||||
if group_name is not None:
|
||||
if self.existsGroup(group_name):
|
||||
group_id = self.getGroupId(group_name)
|
||||
|
||||
if self.existsUser(user_username):
|
||||
self.updateUser(group_id, user_sshkey_name, user_sshkey_file, access_level, arguments)
|
||||
else:
|
||||
if self._module.check_mode:
|
||||
self._module.exit_json(changed=True)
|
||||
self.createUser(group_id, user_password, user_sshkey_name, user_sshkey_file, access_level, arguments)
|
||||
|
||||
def createUser(self, group_id, user_password, user_sshkey_name, user_sshkey_file, access_level, arguments):
|
||||
user_changed = False
|
||||
|
||||
# Create the user
|
||||
user_username = arguments['username']
|
||||
user_name = arguments['name']
|
||||
user_email = arguments['email']
|
||||
if self._gitlab.createuser(password=user_password, **arguments):
|
||||
user_id = self.getUserId(user_username)
|
||||
if self._gitlab.addsshkeyuser(user_id=user_id, title=user_sshkey_name, key=user_sshkey_file):
|
||||
user_changed = True
|
||||
# Add the user to the group if group_id is not empty
|
||||
if group_id != '':
|
||||
if self.addToGroup(group_id, user_id, access_level):
|
||||
user_changed = True
|
||||
user_changed = True
|
||||
|
||||
# Exit with change to true or false
|
||||
if user_changed:
|
||||
self._module.exit_json(changed=True, result="Created the user")
|
||||
else:
|
||||
self._module.exit_json(changed=False)
|
||||
|
||||
def deleteUser(self, user_username):
|
||||
user_id = self.getUserId(user_username)
|
||||
|
||||
if self._gitlab.deleteuser(user_id):
|
||||
self._module.exit_json(changed=True, result="Successfully deleted user %s" % user_username)
|
||||
else:
|
||||
self._module.exit_json(changed=False, result="User %s already deleted or something went wrong" % user_username)
|
||||
|
||||
def existsGroup(self, group_name):
|
||||
for group in self._gitlab.getall(self._gitlab.getgroups):
|
||||
if group['name'] == group_name:
|
||||
return True
|
||||
return False
|
||||
|
||||
def existsUser(self, username):
|
||||
found_user = self._gitlab.getusers(search=username)
|
||||
for user in found_user:
|
||||
if user['id'] != '':
|
||||
return True
|
||||
return False
|
||||
|
||||
def getGroupId(self, group_name):
|
||||
for group in self._gitlab.getall(self._gitlab.getgroups):
|
||||
if group['name'] == group_name:
|
||||
return group['id']
|
||||
|
||||
def getUserId(self, username):
|
||||
found_user = self._gitlab.getusers(search=username)
|
||||
for user in found_user:
|
||||
if user['id'] != '':
|
||||
return user['id']
|
||||
|
||||
def updateUser(self, group_id, user_sshkey_name, user_sshkey_file, access_level, arguments):
|
||||
user_changed = False
|
||||
user_username = arguments['username']
|
||||
user_id = self.getUserId(user_username)
|
||||
user_data = self._gitlab.getuser(user_id=user_id)
|
||||
|
||||
# Lets check if we need to update the user
|
||||
for arg_key, arg_value in arguments.items():
|
||||
if user_data[arg_key] != arg_value:
|
||||
user_changed = True
|
||||
|
||||
if user_changed:
|
||||
if self._module.check_mode:
|
||||
self._module.exit_json(changed=True)
|
||||
self._gitlab.edituser(user_id=user_id, **arguments)
|
||||
user_changed = True
|
||||
if self._module.check_mode or self._gitlab.addsshkeyuser(user_id=user_id, title=user_sshkey_name, key=user_sshkey_file):
|
||||
user_changed = True
|
||||
if group_id != '':
|
||||
if self._module.check_mode or self.addToGroup(group_id, user_id, access_level):
|
||||
user_changed = True
|
||||
if user_changed:
|
||||
self._module.exit_json(changed=True, result="The user %s is updated" % user_username)
|
||||
else:
|
||||
self._module.exit_json(changed=False, result="The user %s is already up2date" % user_username)
|
||||
|
||||
|
||||
def main():
|
||||
global user_id
|
||||
module = AnsibleModule(
|
||||
argument_spec=dict(
|
||||
server_url=dict(required=True),
|
||||
validate_certs=dict(required=False, default=True, type=bool, aliases=['verify_ssl']),
|
||||
login_user=dict(required=False, no_log=True),
|
||||
login_password=dict(required=False, no_log=True),
|
||||
login_token=dict(required=False, no_log=True),
|
||||
name=dict(required=True),
|
||||
username=dict(required=True),
|
||||
password=dict(required=True),
|
||||
email=dict(required=True),
|
||||
sshkey_name=dict(required=False),
|
||||
sshkey_file=dict(required=False),
|
||||
group=dict(required=False),
|
||||
access_level=dict(required=False, choices=["guest", "reporter", "developer", "master", "owner"]),
|
||||
state=dict(default="present", choices=["present", "absent"]),
|
||||
),
|
||||
supports_check_mode=True
|
||||
)
|
||||
|
||||
if not HAS_GITLAB_PACKAGE:
|
||||
module.fail_json(msg="Missing required gitlab module (check docs or install with: pip install pyapi-gitlab")
|
||||
|
||||
server_url = module.params['server_url']
|
||||
verify_ssl = module.params['validate_certs']
|
||||
login_user = module.params['login_user']
|
||||
login_password = module.params['login_password']
|
||||
login_token = module.params['login_token']
|
||||
user_name = module.params['name']
|
||||
user_username = module.params['username']
|
||||
user_password = module.params['password']
|
||||
user_email = module.params['email']
|
||||
user_sshkey_name = module.params['sshkey_name']
|
||||
user_sshkey_file = module.params['sshkey_file']
|
||||
group_name = module.params['group']
|
||||
access_level = module.params['access_level']
|
||||
state = module.params['state']
|
||||
|
||||
# We need both login_user and login_password or login_token, otherwise we fail.
|
||||
if login_user is not None and login_password is not None:
|
||||
use_credentials = True
|
||||
elif login_token is not None:
|
||||
use_credentials = False
|
||||
else:
|
||||
module.fail_json(msg="No login credentials are given. Use login_user with login_password, or login_token")
|
||||
|
||||
# Check if vars are none
|
||||
if user_sshkey_file is not None and user_sshkey_name is not None:
|
||||
use_sshkey = True
|
||||
else:
|
||||
use_sshkey = False
|
||||
|
||||
if group_name is not None and access_level is not None:
|
||||
add_to_group = True
|
||||
group_name = group_name.lower()
|
||||
else:
|
||||
add_to_group = False
|
||||
|
||||
user_username = user_username.lower()
|
||||
|
||||
# Lets make an connection to the Gitlab server_url, with either login_user and login_password
|
||||
# or with login_token
|
||||
try:
|
||||
if use_credentials:
|
||||
git = gitlab.Gitlab(host=server_url)
|
||||
git.login(user=login_user, password=login_password)
|
||||
else:
|
||||
git = gitlab.Gitlab(server_url, token=login_token, verify_ssl=verify_ssl)
|
||||
except Exception, e:
|
||||
module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
|
||||
|
||||
# Validate if group exists and take action based on "state"
|
||||
user = GitLabUser(module, git)
|
||||
|
||||
# Check if user exists, if not exists and state = absent, we exit nicely.
|
||||
if not user.existsUser(user_username) and state == "absent":
|
||||
module.exit_json(changed=False, result="User already deleted or does not exists")
|
||||
else:
|
||||
# User exists,
|
||||
if state == "absent":
|
||||
user.deleteUser(user_username)
|
||||
else:
|
||||
user.createOrUpdateUser(user_name, user_username, user_password, user_email, user_sshkey_name, user_sshkey_file, group_name, access_level)
|
||||
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
Loading…
Reference in New Issue