@ -42,18 +42,26 @@ options:
description :
description :
- " Specifies if a token should be created or revoked. "
- " Specifies if a token should be created or revoked. "
username :
username :
required : Tru e
required : Fals e
description :
description :
- " The name of the user. For example: I(admin@internal). "
- " The name of the user. For example: I(admin@internal)
Default value is set by I ( OVIRT_USERNAME ) environment variable . "
password :
password :
required : True
required : False
description :
- " The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable. "
token :
required : False
description :
description :
- " The password of the user. "
- " SSO token to be used instead of login with username/password.
Default value is set by I ( OVIRT_TOKEN ) environment variable . "
version_added : 2.5
url :
url :
required : True
required : Fals e
description :
description :
- " A string containing the base URL of the server.
- " A string containing the base URL of the server.
For example : I ( https : / / server . example . com / ovirt - engine / api ) . "
For example : I ( https : / / server . example . com / ovirt - engine / api ) .
Default value is set by I ( OVIRT_URL ) environment variable . "
insecure :
insecure :
required : False
required : False
description :
description :
@ -64,7 +72,8 @@ options:
- " A PEM file containing the trusted CA certificates. The
- " A PEM file containing the trusted CA certificates. The
certificate presented by the server will be verified using these CA
certificate presented by the server will be verified using these CA
certificates . If C ( ca_file ) parameter is not set , system wide
certificates . If C ( ca_file ) parameter is not set , system wide
CA certificate store is used . "
CA certificate store is used .
Default value is set by I ( OVIRT_CAFILE ) environment variable . "
timeout :
timeout :
required : False
required : False
description :
description :
@ -132,6 +141,19 @@ tasks:
ovirt_auth :
ovirt_auth :
state : absent
state : absent
ovirt_auth : " {{ ovirt_auth }} "
ovirt_auth : " {{ ovirt_auth }} "
# When user will set following environment variables:
# OVIRT_URL = https://fqdn/ovirt-engine/api
# OVIRT_USERNAME = admin@internal
# OVIRT_PASSWORD = the_password
# He can login the oVirt using environment variable instead of variables
# in yaml file.
# This is mainly usefull when using Ansible Tower or AWX, as it will work
# for Red Hat Virtualization creadentials type.
tasks :
- name : Obtain SSO token
ovirt_auth :
state : present
'''
'''
RETURN = '''
RETURN = '''
@ -181,6 +203,7 @@ ovirt_auth:
type : dict
type : dict
'''
'''
import os
import traceback
import traceback
try :
try :
@ -205,11 +228,11 @@ def main():
kerberos = dict ( required = False , type = ' bool ' , default = False ) ,
kerberos = dict ( required = False , type = ' bool ' , default = False ) ,
headers = dict ( required = False , type = ' dict ' ) ,
headers = dict ( required = False , type = ' dict ' ) ,
state = dict ( default = ' present ' , choices = [ ' present ' , ' absent ' ] ) ,
state = dict ( default = ' present ' , choices = [ ' present ' , ' absent ' ] ) ,
token = dict ( default = None ) ,
ovirt_auth = dict ( required = None , type = ' dict ' ) ,
ovirt_auth = dict ( required = None , type = ' dict ' ) ,
) ,
) ,
required_if = [
required_if = [
( ' state ' , ' absent ' , [ ' ovirt_auth ' ] ) ,
( ' state ' , ' absent ' , [ ' ovirt_auth ' ] ) ,
( ' state ' , ' present ' , [ ' username ' , ' password ' , ' url ' ] ) ,
] ,
] ,
supports_check_mode = True ,
supports_check_mode = True ,
)
)
@ -221,17 +244,23 @@ def main():
elif state == ' absent ' :
elif state == ' absent ' :
params = module . params [ ' ovirt_auth ' ]
params = module . params [ ' ovirt_auth ' ]
url = params . get ( ' url ' ) or os . environ . get ( ' OVIRT_URL ' )
username = params . get ( ' username ' ) or os . environ . get ( ' OVIRT_USERNAME ' )
password = params . get ( ' password ' ) or os . environ . get ( ' OVIRT_PASSWORD ' )
ca_file = params . get ( ' ca_file ' ) or os . environ . get ( ' OVIRT_CAFILE ' )
insecure = params . get ( ' insecure ' ) or ca_file is None
token = params . get ( ' token ' ) or os . environ . get ( ' OVIRT_TOKEN ' )
connection = sdk . Connection (
connection = sdk . Connection (
url = params . get ( ' url ' ) ,
url = url,
username = params . get ( ' username ' ) ,
username = username,
password = params . get ( ' password ' ) ,
password = pa ssword,
ca_file = params . get ( ' ca_file ' ) ,
ca_file = ca_file,
insecure = params . get ( ' insecure ' ) ,
insecure = insecure,
timeout = params . get ( ' timeout ' ) ,
timeout = params . get ( ' timeout ' ) ,
compress = params . get ( ' compress ' ) ,
compress = params . get ( ' compress ' ) ,
kerberos = params . get ( ' kerberos ' ) ,
kerberos = params . get ( ' kerberos ' ) ,
headers = params . get ( ' headers ' ) ,
headers = params . get ( ' headers ' ) ,
token = params. get ( ' token' ) ,
token = token,
)
)
try :
try :
token = connection . authenticate ( )
token = connection . authenticate ( )
@ -240,9 +269,9 @@ def main():
ansible_facts = dict (
ansible_facts = dict (
ovirt_auth = dict (
ovirt_auth = dict (
token = token ,
token = token ,
url = params. get ( ' url' ) ,
url = url,
ca_file = params. get ( ' ca_file' ) ,
ca_file = ca_file,
insecure = params. get ( ' insecure' ) ,
insecure = insecure,
timeout = params . get ( ' timeout ' ) ,
timeout = params . get ( ' timeout ' ) ,
compress = params . get ( ' compress ' ) ,
compress = params . get ( ' compress ' ) ,
kerberos = params . get ( ' kerberos ' ) ,
kerberos = params . get ( ' kerberos ' ) ,