@ -16,7 +16,7 @@
DOCUMENTATION = '''
DOCUMENTATION = '''
---
---
module: gcs
module: gc_ storage
short_description: This module help users manage objects/buckets in GCS (Google Cloud Storage).
short_description: This module help users manage objects/buckets in GCS (Google Cloud Storage).
description:
description:
- This module allows users to manage their objects/buckets in GCS in an idempotent way. Users can do operations like PUT, GET and set some pre-canned permissions on those objects.Users can also retrieve the urls to their objects to be used in playbooks. They can also use the module to get the string contents of the objects. Please note that this module is compatible with API version 1 of GCS. so it expects the user to set the default project before using this module, Have a lookt at "https://developers.google.com/storage/docs/reference/v1/apiversion1" to set the default project.
- This module allows users to manage their objects/buckets in GCS in an idempotent way. Users can do operations like PUT, GET and set some pre-canned permissions on those objects.Users can also retrieve the urls to their objects to be used in playbooks. They can also use the module to get the string contents of the objects. Please note that this module is compatible with API version 1 of GCS. so it expects the user to set the default project before using this module, Have a lookt at "https://developers.google.com/storage/docs/reference/v1/apiversion1" to set the default project.
@ -55,6 +55,12 @@ options:
- This option let's the user set the canned permissions on the object/bucket that are created. The permissions that can be set are 'private', 'public-read', 'authenticated-read'.
- This option let's the user set the canned permissions on the object/bucket that are created. The permissions that can be set are 'private', 'public-read', 'authenticated-read'.
required: false
required: false
default: private
default: private
expiry:
description:
- Time limit (in seconds) for the URL generated and returned by GCA when performing a mode=put or mode=geturl operation. This url is only avaialbe when public-read is the acl for the object.
required: false
default: null
aliases: []
mode:
mode:
description:
description:
- Switches the module behaviour between put (upload), get (download), geturl (return download url) , getstr (download object as string), create (bucket) and delete (bucket).
- Switches the module behaviour between put (upload), get (download), geturl (return download url) , getstr (download object as string), create (bucket) and delete (bucket).
@ -64,14 +70,16 @@ options:
gcs_secret_key:
gcs_secret_key:
description:
description:
- GCS secret key. If not set then the value of the GCS_SECRET_KEY environment variable is used.
- GCS secret key. If not set then the value of the GCS_SECRET_KEY environment variable is used.
required: fals e
required: tru e
default: null
default: null
gcs_access_key:
gcs_access_key:
description:
description:
- GCS access key. If not set then the value of the GCS_ACCESS_KEY environment variable is used.
- GCS access key. If not set then the value of the GCS_ACCESS_KEY environment variable is used.
required: fals e
required: tru e
default: null
default: null
requirements: [ "boto" ]
requirements: [ "boto 2.9+" ]
author: benno@ansibleworks.com Note. Most of the code has been taken from the S3 module.
author: benno@ansibleworks.com Note. Most of the code has been taken from the S3 module.
'''
'''
@ -103,7 +111,7 @@ import hashlib
try:
try:
import boto
import boto
except ImportError:
except ImportError:
print "failed=True msg='boto required for this module'"
print "failed=True msg='boto 2.9+ required for this module'"
sys.exit(1)
sys.exit(1)
def grant_check(module, gs, obj):
def grant_check(module, gs, obj):
@ -145,7 +153,6 @@ def keysum(module, gs, bucket, obj):
etag_multipart = md5_remote.find('-')!=-1 #Check for multipart, etag is not md5
etag_multipart = md5_remote.find('-')!=-1 #Check for multipart, etag is not md5
if etag_multipart is True:
if etag_multipart is True:
module.fail_json(msg="Files uploaded with multipart of gs are not supported with checksum, unable to compute checksum.")
module.fail_json(msg="Files uploaded with multipart of gs are not supported with checksum, unable to compute checksum.")
sys.exit(0)
return md5_remote
return md5_remote
def bucket_check(module, gs, bucket):
def bucket_check(module, gs, bucket):
@ -203,7 +210,6 @@ def upload_file_check(src):
file_exists is False
file_exists is False
if os.path.isdir(src):
if os.path.isdir(src):
module.fail_json(msg="Specifying a directory is not a valid source for upload.", failed=True)
module.fail_json(msg="Specifying a directory is not a valid source for upload.", failed=True)
sys.exit(0)
return file_exists
return file_exists
def path_check(path):
def path_check(path):
@ -220,7 +226,6 @@ def upload_gsfile(module, gs, bucket, obj, src, expiry):
key.set_acl(module.params.get('permission'))
key.set_acl(module.params.get('permission'))
url = key.generate_url(expiry)
url = key.generate_url(expiry)
module.exit_json(msg="PUT operation complete", url=url, changed=True)
module.exit_json(msg="PUT operation complete", url=url, changed=True)
sys.exit(0)
except gs.provider.storage_copy_error, e:
except gs.provider.storage_copy_error, e:
module.fail_json(msg= str(e))
module.fail_json(msg= str(e))
@ -230,7 +235,6 @@ def download_gsfile(module, gs, bucket, obj, dest):
key = bucket.lookup(obj)
key = bucket.lookup(obj)
key.get_contents_to_filename(dest)
key.get_contents_to_filename(dest)
module.exit_json(msg="GET operation complete", changed=True)
module.exit_json(msg="GET operation complete", changed=True)
sys.exit(0)
except gs.provider.storage_copy_error, e:
except gs.provider.storage_copy_error, e:
module.fail_json(msg= str(e))
module.fail_json(msg= str(e))
@ -240,7 +244,6 @@ def download_gsstr(module, gs, bucket, obj):
key = bucket.lookup(obj)
key = bucket.lookup(obj)
contents = key.get_contents_as_string()
contents = key.get_contents_as_string()
module.exit_json(msg="GET operation complete", contents=contents, changed=True)
module.exit_json(msg="GET operation complete", contents=contents, changed=True)
sys.exit(0)
except gs.provider.storage_copy_error, e:
except gs.provider.storage_copy_error, e:
module.fail_json(msg= str(e))
module.fail_json(msg= str(e))
@ -250,233 +253,168 @@ def get_download_url(module, gs, bucket, obj, expiry):
key = bucket.lookup(obj)
key = bucket.lookup(obj)
url = key.generate_url(expiry)
url = key.generate_url(expiry)
module.exit_json(msg="Download url:", url=url, expiry=expiry, changed=True)
module.exit_json(msg="Download url:", url=url, expiry=expiry, changed=True)
sys.exit(0)
except gs.provider.storage_response_error, e:
except gs.provider.storage_response_error, e:
module.fail_json(msg= str(e))
module.fail_json(msg= str(e))
def main():
def handle_get(module, gs, bucket, obj, overwrite, dest):
module = AnsibleModule(
argument_spec = dict(
bucket = dict(required=True),
object = dict(default=None),
src = dict(default=None),
dest = dict(default=None),
mode = dict(choices=['get', 'put', 'delete', 'create', 'geturl', 'getstr'], required=True),
permission = dict(choices=['private', 'public-read', 'authenticated-read'], default='private'),
gs_secret_key = dict(no_log=True, required=False),
gs_access_key = dict(required=False),
overwrite = dict(default=False, type='bool'),
),
)
bucket = module.params.get('bucket')
obj = module.params.get('object')
src = module.params.get('src')
dest = module.params.get('dest')
if dest:
dest = os.path.expanduser(dest)
mode = module.params.get('mode')
# expiry is not applicable for GCS just adding for compatibility.
expiry = 600
gs_secret_key = module.params.get('gs_secret_key')
gs_access_key = module.params.get('gs_access_key')
overwrite = module.params.get('overwrite')
if mode == 'put':
if not src or not bucket or not object:
module.fail_json(msg="When using PUT, src, bucket, object are mandatory paramters")
if mode == 'get':
if not dest or not bucket or not object:
module.fail_json(msg="When using GET, dest, bucket, object are mandatory paramters")
if obj:
obj = os.path.expanduser(module.params['object'])
if not gs_secret_key:
if 'GS_SECRET_KEY' in os.environ:
gs_secret_key = os.environ['GS_SECRET_KEY']
if not gs_access_key:
if 'GS_ACCESS_KEY' in os.environ:
gs_access_key = os.environ['GS_ACCESS_KEY']
try:
gs = boto.connect_gs(gs_access_key, gs_secret_key)
except boto.exception.NoAuthHandlerFound, e:
module.fail_json(msg = str(e))
# If our mode is a GET operation (download), go through the procedure as appropriate ...
if mode == 'get':
# First, we check to see if the bucket exists, we get "bucket" returned.
bucketrtn = bucket_check(module, gs, bucket)
if bucketrtn is False:
module.fail_json(msg="Target bucket cannot be found", failed=True)
sys.exit(0)
# Next, we check to see if the key in the bucket exists. If it exists, it also returns key_matches md5sum check.
keyrtn = key_check(module, gs, bucket, obj)
if keyrtn is False:
module.fail_json(msg="Target key cannot be found", failed=True)
sys.exit(0)
# If the destination path doesn't exist, no need to md5um etag check, so just download.
pathrtn = path_check(dest)
if pathrtn is False:
download_gsfile(module, gs, bucket, obj, dest)
# Compare the remote MD5 sum of the object with the local dest md5sum, if it already exists.
if pathrtn is True:
md5_remote = keysum(module, gs, bucket, obj)
md5_remote = keysum(module, gs, bucket, obj)
md5_local = hashlib.md5(open(dest, 'rb').read()).hexdigest()
md5_local = hashlib.md5(open(dest, 'rb').read()).hexdigest()
if md5_local == md5_remote:
if md5_local == md5_remote:
sum_matches = True
module.exit_json(msg="Local and remote object are identical", changed=False)
if overwrite is True:
download_gsfile(module, gs, bucket, obj, dest)
else:
module.exit_json(msg="Local and remote object are identical, ignoring. Use overwrite parameter to force.", changed=False)
else:
else:
sum_matches = False
if overwrite is True:
if overwrite is True:
download_gsfile(module, gs, bucket, obj, dest)
download_gsfile(module, gs, bucket, obj, dest)
else:
else:
module.fail_json(msg="WARNING: Checksums do not match. Use overwrite parameter to force download.", failed=True)
module.fail_json(msg="Destination file exists and is diffrent. Use overwrite parameter to force download.", failed=True)
# If destination file doesn't already exist we can go ahead and download.
if pathrtn is False:
download_gsfile(module, gs, bucket, obj, dest)
# Firstly, if key_matches is TRUE and overwrite is not enabled, we EXIT with a helpful message.
if sum_matches is True and overwrite is False:
module.exit_json(msg="Local and remote object are identical, ignoring. Use overwrite parameter to force.", changed=False)
# At this point explicitly define the overwrite condition.
if sum_matches is True and pathrtn is True and overwrite is True:
download_gsfile(module, gs, bucket, obj, dest)
# If sum does not match but the destination exists, we
# if our mode is a PUT operation (upload), go through the procedure as appropriate ...
if mode == 'put':
# Use this snippet to debug through conditionals:
# module.exit_json(msg="Bucket return %s"%bucketrtn)
# sys.exit(0)
# Lets check the src path.
pathrtn = path_check(src)
if pathrtn is False:
module.fail_json(msg="Local object for PUT does not exist", failed=True)
sys.exit(0)
def handle_put(module, gs, bucket, obj, overwrite, src, expiry):
# Lets check to see if bucket exists to get ground truth.
# Lets check to see if bucket exists to get ground truth.
bucketrtn = bucket_check(module, gs, bucket)
bucket_rc = bucket_check(module, gs, bucket)
keyrtn = key_check(module, gs, bucket, obj)
key_rc = key_check(module, gs, bucket, obj)
# Lets check key state. Does it exist and if it does, compute the etag md5sum.
# Lets check key state. Does it exist and if it does, compute the etag md5sum.
if bucketrtn is True and keyrtn is True :
if bucket_rc and key_rc:
md5_remote = keysum(module, gs, bucket, obj)
md5_remote = keysum(module, gs, bucket, obj)
md5_local = hashlib.md5(open(src, 'rb').read()).hexdigest()
md5_local = hashlib.md5(open(src, 'rb').read()).hexdigest()
if md5_local == md5_remote:
if md5_local == md5_remote:
sum_matches = True
module.exit_json(msg="Local and remote object are identical.", changed=False)
if overwrite is True:
upload_gsfile(module, gs, bucket, obj, src, expiry)
else:
module.exit_json(msg="Local and remote object are identical, ignoring. Use overwrite parameter to force.", changed=False)
else:
else:
sum_matches = False
if overwrite:
if overwrite is True:
upload_gsfile(module, gs, bucket, obj, src, expiry)
upload_gsfile(module, gs, bucket, obj, src, expiry)
else:
else:
module.exit_json(msg="WARNING: Checksums do not match. Use overwrite parameter to force upload.", failed=True)
module.exit_json(msg="WARNING: Checksums do not match. Use overwrite parameter to force upload.", failed=True)
# If neither exist (based on bucket existence), we can create both.
if not bucket_rc:
if bucketrtn is False and pathrtn is True:
create_bucket(module, gs, bucket)
create_bucket(module, gs, bucket)
upload_gsfile(module, gs, bucket, obj, src, expiry)
upload_gsfile(module, gs, bucket, obj, src, expiry)
# If bucket exists but key doesn't, just upload.
# If bucket exists but key doesn't, just upload.
if bucketrtn is True and pathrtn is True and keyrtn is False :
if bucket_rc and not key_rc:
upload_gsfile(module, gs, bucket, obj, src, expiry)
upload_gsfile(module, gs, bucket, obj, src, expiry)
# Support for deleting an object if we have both params.
def handle_delete(module, gs, bucket, obj):
if mode == 'delete':
if bucket and not obj:
if bucket and not obj:
bucketrtn = bucket_check(module, gs, bucket)
if bucket_check(module, gs, bucket):
if bucketrtn is True:
module.exit_json(msg="Bucket %s and all keys have been deleted."%bucket, changed=delete_bucket(module, gs, bucket))
deletertn = delete_bucket(module, gs, bucket)
if deletertn is True:
module.exit_json(msg="Bucket %s and all keys have been deleted."%bucket, changed=True)
else:
else:
module.exit_json(msg="Bucket does not exist.", changed=False)
module.exit_json(msg="Bucket does not exist.", changed=False)
if bucket and obj:
if bucket and obj:
bucketrtn = bucket_check(module, gs, bucket)
if bucket_check(module, gs, bucket):
if bucketrtn is True:
if key_check(module, gs, bucket, obj):
keyrtn = key_check(module, gs, bucket, obj)
module.exit_json(msg="Object has been deleted.", changed=delete_key(module, gs, bucket, obj))
if keyrtn is True:
deletertn = delete_key(module, gs, bucket, obj)
if deletertn is True:
module.exit_json(msg="Object has been deleted.", changed=True)
else:
else:
module.exit_json(msg="Object does not exists.", changed=False)
module.exit_json(msg="Object does not exists.", changed=False)
else:
else:
module.exit_json(msg="Bucket does not exist.", changed=False)
module.exit_json(msg="Bucket does not exist.", changed=False)
else:
else:
module.fail_json(msg="Bucket or Bucket & object parameter is required.", failed=True)
module.fail_json(msg="Bucket or Bucket & object parameter is required.", failed=True)
# Need to research how to create directories without "populating" a key, so this should just do bucket creation for now.
def handle_create(module, gs, bucket, obj):
# WE SHOULD ENABLE SOME WAY OF CREATING AN EMPTY KEY TO CREATE "DIRECTORY" STRUCTURE, AWS CONSOLE DOES THIS.
if mode == 'create':
if bucket and not obj:
if bucket and not obj:
bucketrtn = bucket_check(module, gs, bucket)
if bucket_check(module, gs, bucket):
if bucketrtn is True:
module.exit_json(msg="Bucket already exists.", changed=False)
module.exit_json(msg="Bucket already exists.", changed=False)
else:
else:
module.exit_json(msg="Bucket created succesfully", changed=create_bucket(module, gs, bucket))
module.exit_json(msg="Bucket created succesfully", changed=create_bucket(module, gs, bucket))
if bucket and obj:
if bucket and obj:
bucketrtn = bucket_check(module, gs, bucket)
if bucket_check(module, gs, bucket):
if obj.endswith('/'):
if obj.endswith('/'):
dirobj = obj
dirobj = obj
else:
else:
dirobj = obj + "/"
dirobj = obj + "/"
if bucketrtn is True:
if key_check(module, gs, bucket, dirobj):
keyrtn = key_check(module, gs, bucket, dirobj)
if keyrtn is True:
module.exit_json(msg="Bucket %s and key %s already exists."% (bucket, obj), changed=False)
module.exit_json(msg="Bucket %s and key %s already exists."% (bucket, obj), changed=False)
else:
else:
create_dirkey(module, gs, bucket, dirobj)
create_dirkey(module, gs, bucket, dirobj)
if buck etrtn is Fa lse:
else:
created = create_bucket(module, gs, bucket)
create_bucket(module, gs, bucket)
create_dirkey(module, gs, bucket, dirobj)
create_dirkey(module, gs, bucket, dirobj)
# Support for grabbing the time-expired URL for an object in S3/Walrus.
def main():
module = AnsibleModule(
argument_spec = dict(
bucket = dict(required=True),
object = dict(default=None),
src = dict(default=None),
dest = dict(default=None),
expiry = dict(default=600, aliases=['expiration']),
mode = dict(choices=['get', 'put', 'delete', 'create', 'geturl', 'getstr'], required=True),
permission = dict(choices=['private', 'public-read', 'authenticated-read'], default='private'),
gs_secret_key = dict(no_log=True, required=True),
gs_access_key = dict(required=True),
overwrite = dict(default=False, type='bool'),
),
)
bucket = module.params.get('bucket')
obj = module.params.get('object')
src = module.params.get('src')
dest = module.params.get('dest')
if dest:
dest = os.path.expanduser(dest)
mode = module.params.get('mode')
expiry = module.params.get('expiry')
gs_secret_key = module.params.get('gs_secret_key')
gs_access_key = module.params.get('gs_access_key')
overwrite = module.params.get('overwrite')
if mode == 'put':
if not src or not object:
module.fail_json(msg="When using PUT, src, bucket, object are mandatory paramters")
if mode == 'get':
if not dest or not object:
module.fail_json(msg="When using GET, dest, bucket, object are mandatory paramters")
if obj:
obj = os.path.expanduser(module.params['object'])
# ---------------- Get the Conection object for GCS operations --------------------
try:
gs = boto.connect_gs(gs_access_key, gs_secret_key)
except boto.exception.NoAuthHandlerFound, e:
module.fail_json(msg = str(e))
#-------------- Code for GET Operation -------------------------
if mode == 'get':
if not bucket_check(module, gs, bucket) or not key_check(module, gs, bucket, obj):
module.fail_json(msg="Target bucket/key cannot be found", failed=True)
if not path_check(dest):
download_gsfile(module, gs, bucket, obj, dest)
else:
handle_get(module, gs, bucket, obj, overwrite, dest)
# ----------------------Code for PUT operation ---------------
if mode == 'put':
if not path_check(src):
module.fail_json(msg="Local object for PUT does not exist", failed=True)
handle_put(module, gs, bucket, obj, overwrite, src, expiry)
# Support for deleting an object if we have both params.
if mode == 'delete':
handle_delete(module, gs, bucket, obj)
# ---------- Code for mode is create -------------------------
if mode == 'create':
handle_create(module, gs, bucket, obj)
# ------------- Get the url of an object --------------------------
if mode == 'geturl':
if mode == 'geturl':
if bucket and obj:
if bucket and obj:
bucketrtn = bucket_check(module, gs, bucket)
if bucket_check(module, gs, bucket) and key_check(module, gs, bucket, obj):
if bucketrtn is False:
module.fail_json(msg="Bucket %s does not exist."%bucket, failed=True)
else:
keyrtn = key_check(module, gs, bucket, obj)
if keyrtn is True:
get_download_url(module, gs, bucket, obj, expiry)
get_download_url(module, gs, bucket, obj, expiry)
else:
else:
module.fail_json(msg="Key %s does not exist."%obj, failed=True)
module.fail_json(msg="Key/Bucket doesnt exist", failed=True)
else:
else:
module.fail_json(msg="Bucket and Object parameters must be set", failed=True)
module.fail_json(msg="Bucket and Object parameters must be set", failed=True)
sys.exit(0)
# --------------------------- Get the String contents of an Object -------------------------
if mode == 'getstr':
if mode == 'getstr':
if bucket and obj:
if bucket and obj:
bucketrtn = bucket_check(module, gs, bucket)
if bucket_check(module, gs, bucket) and key_check(module, gs, bucket, obj):
if bucketrtn is False:
module.fail_json(msg="Bucket %s does not exist."%bucket, failed=True)
else:
keyrtn = key_check(module, gs, bucket, obj)
if keyrtn is True:
download_gsstr(module, gs, bucket, obj)
download_gsstr(module, gs, bucket, obj)
else:
else:
module.fail_json(msg="Key %s does not exist."%obj, failed=True)
module.fail_json(msg="Key/Bucket doesnt exists", failed=True)
else:
module.fail_json(msg="Bucket and Object parameters must be set", failed=True)
sys.exit(0)
# this is magic, see lib/ansible/module_common.py
# this is magic, see lib/ansible/module_common.py
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
Benno Joy
11 years ago
committed by