* openstacksdk < 0.10.0: fix AttributeError
`openstack.version.__version__` expression raises an `AttributeError`
exception when openstacksdk < 0.10.0 is used. `openstack.version` is
now imported as a module, which works for all openstacksdk versions.
Error was:
The full traceback is:
Traceback (most recent call last):
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 113, in <module>
_ansiballz_main()
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 48, in invoke_module
imp.load_module('__main__', mod, module, MOD_DESC)
File "/tmp/ansible_os_security_group_payload_keFTIJ/__main__.py", line 163, in <module>
File "/tmp/ansible_os_security_group_payload_keFTIJ/__main__.py", line 115, in main
File "/tmp/ansible_os_security_group_payload_keFTIJ/ansible_os_security_group_payload.zip/ansible/module_utils/openstack.py", line 121, in openstack_cloud_from_module
AttributeError: 'module' object has no attribute 'version'
* Add missing space & dot in error message
* Always require openstacksdk >= 0.12
* openstack: fix parameter handling when cloud provided as dict
If a cloud is provided as dictionary:
* Do not assert that 'interface' parameter is None. Instead,
assert that it is 'public'.
* Assert that 'auth_type' parameter is not set.
Fixes#42858
* os_user: Include domain parameter in user lookup
If a "domain" parameter is provided, use it in looking up
whether the user already exists.
Fixes#42901
* os_user: Include domain parameter in user deletion
If a "domain" parameter is provided, use it in deleting
the user also.
Fixes#42901
* Establish connection through openstacksdk
* Switch from shade to openstacksdk
* fix typo in link to openstacksdk
* remove nova_client usage
* further remove of min_version from openstack modules
Start using this to construct shade OpenStack Cloud objects in a
consistent manner. This will let us centralize things like dealing with
password arguments and whatnot. It also allows us to introduce the
ability to pass a fully formed config dict directly to the module.
Migrate all OpenStack modules to use openstack_cloud_from_module.
Have it return the shade library since it's responsible for
importing shade and shade is needed for the exceptions.
Only pull specific OpenStack arguments for the constructor
Rather than passing **module.params to the shade constructor, pull out
only the values that make sense. This should prevent the issues with
module parameters stepping on shade parameters.
Replace module.params.pop with module.params.get
We don't need to pop these anymore since the shade constructor is now
using opt-in values.
Using real urls is ungood. Use example.com domains. Also, get rid of the
antiquated port numbers.
We're being too strict - there is a third possibility, which is that a
user will have defined the OS_* environment variables and expect them to
pass through.
The rest of ansible uses validate_certs, so make that the main
documented parameter. However, leave verify as an alias since that's the
passthrough value to the underlying libraries.
There is an old PR that shows a great use case for having a different
set of states for the server module. Before the other modules start
being in real use, pull this out so that we don't get ourselves into a
pickle.
It turns out that this can actually already be handled by the existing
auth plugin framework and does not need its own parameter. Remove before
it sees usage and causes confusion.
Incoming cloud config for OpenStack is complex due to plugins and
deployer choices. Rather than having the logic spread all over the
OpenStack modules, centralize it in the module_utils code.
Taking a page out of the ec2 config, make sure that all of the
OpenStack modules handle the inbound auth config in the same way.
The one outlier is keystone wrt auth_url.
The provisioning module knows more about how nova deals with IP
addresses now. Ensure that the inventory module is similarly as smart
by separating out the logic into the openstack/module_utils.
Taking a page out of the ec2 config, make sure that all of the
OpenStack modules handle the inbound auth config in the same way.
The one outlier is keystone wrt auth_url.
Pilou