Exemple #1
0
    def test_update_user_password(self):
        user_name = self.user_prefix + '_password'
        user_email = '*****@*****.**'
        user = self._create_user(name=user_name,
                                 email=user_email,
                                 password='******')
        self.assertIsNotNone(user)
        self.assertTrue(user['enabled'])

        # This should work for both v2 and v3
        new_user = self.operator_cloud.update_user(
            user['id'], password='******')
        self.assertIsNotNone(new_user)
        self.assertEqual(user['id'], new_user['id'])
        self.assertEqual(user_name, new_user['name'])
        self.assertEqual(user_email, new_user['email'])
        self.assertTrue(new_user['enabled'])
        self.assertTrue(self.operator_cloud.grant_role(
            'Member', user=user['id'], project='demo', wait=True))
        self.addCleanup(
            self.operator_cloud.revoke_role,
            'Member', user=user['id'], project='demo', wait=True)
        self.assertIsNotNone(operator_cloud(
            cloud=self._demo_name,
            username=user_name, password='******').keystone_client)
Exemple #2
0
def verify_password(username, password):
    global shade_opts
    app.logger.debug('******************** Checking user {} password {}'.format(username, password))

    # No auth aka keystone not configured: service is left unsecured
    if shade_opts.get('auth_type', None) == "None":
        # Authorized access
        return True

    # Keystone authentication required
    if shade_opts.get('auth_type', None) == "password":
        my_auth = _get_shade_auth()
        my_auth['auth']['username'] = username
        my_auth['auth']['password'] = password
        # TODO: see if the following line should be uncommented and add
        # more security but simple HTTP Auth only supports user:passwd
        # my_auth['auth']['project_name'] = os.getenv('OS_PROJECT_NAME', "")
        try:
            cloud = shade.operator_cloud(**my_auth)
            machines = cloud.list_machines()
        except Exception as e:
            app.logger.error('verify_password Got exception: {}'.format(e))
            return False
        # Authorized access
        return True
    # Unauthorized access
    return False
Exemple #3
0
 def setUp(self):
     super(TestDomain, self).setUp()
     self.cloud = shade.operator_cloud(cloud='devstack-admin')
     if self.cloud.cloud_config.get_api_version('identity') in ('2', '2.0'):
         self.skipTest('Identity service does not support domains')
     self.domain_prefix = self.getUniqueString('domain')
     self.addCleanup(self._cleanup_domains)
Exemple #4
0
    def test_update_user_password(self):
        user_name = self.user_prefix + '_password'
        user_email = '*****@*****.**'
        user = self._create_user(name=user_name,
                                 email=user_email,
                                 password='******')
        self.assertIsNotNone(user)
        self.assertTrue(user['enabled'])

        # This should work for both v2 and v3
        new_user = self.operator_cloud.update_user(user['id'],
                                                   password='******')
        self.assertIsNotNone(new_user)
        self.assertEqual(user['id'], new_user['id'])
        self.assertEqual(user_name, new_user['name'])
        self.assertEqual(user_email, new_user['email'])
        self.assertTrue(new_user['enabled'])
        self.assertTrue(
            self.operator_cloud.grant_role('Member',
                                           user=user['id'],
                                           project='demo',
                                           wait=True))
        self.addCleanup(self.operator_cloud.revoke_role,
                        'Member',
                        user=user['id'],
                        project='demo',
                        wait=True)
        self.assertIsNotNone(
            operator_cloud(cloud=self._demo_name,
                           username=user_name,
                           password='******').service_catalog)
Exemple #5
0
def main():

    argument_spec = openstack_full_argument_spec(
        name=dict(required=False, default=None),
        filters=dict(required=False, type='dict', default=None),
    )
    module_kwargs = openstack_module_kwargs(mutually_exclusive=[
        ['name', 'filters'],
    ])
    module = AnsibleModule(argument_spec, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    try:
        name = module.params['name']
        filters = module.params['filters']

        opcloud = shade.operator_cloud(**module.params)

        if name:
            # Let's suppose user is passing domain ID
            try:
                domains = opcloud.get_domain(name)
            except:
                domains = opcloud.search_domains(filters={'name': name})

        else:
            domains = opcloud.search_domains(filters)

        module.exit_json(changed=False,
                         ansible_facts=dict(openstack_domains=domains))

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #6
0
 def setUp(self):
     super(TestDomain, self).setUp()
     self.cloud = shade.operator_cloud(cloud='devstack-admin')
     if self.cloud.cloud_config.get_api_version('identity') in ('2', '2.0'):
         self.skipTest('Identity service does not support domains')
     self.domain_prefix = self.getUniqueString('domain')
     self.addCleanup(self._cleanup_domains)
Exemple #7
0
def main():
    argument_spec = openstack_full_argument_spec(
        description=dict(required=True, type='str'),
        service_name=dict(required=True, type='str'),
        service_type=dict(required=True, type='str'),
        url=dict(required=True, type='str'),
        interface=dict(required=True, type='str'),
        endpoint_region=dict(required=True, type='str'))
    module = AnsibleModule(argument_spec)

    try:
        description = module.params.pop('description')
        service_name = module.params.pop('service_name')
        service_type = module.params.pop('service_type')
        url = module.params.pop('url')
        interface = module.params.pop('interface')
        endpoint_region = module.params.pop('endpoint_region')

        changed = False
        service = None
        endpoint = None

        cloud = shade.operator_cloud(**module.params)

        for _service in cloud.keystone_client.services.list():
            if _service.type == service_type:
                service = _service
                if service.name != service_name or \
                        service.description != description:
                    changed = True
                    cloud.keystone_client.services.update(
                        service, name=service_name, description=description)
                break
        else:
            changed = True
            service = cloud.keystone_client.services.create(
                name=service_name,
                service_type=service_type,
                description=description)

        for _endpoint in cloud.keystone_client.endpoints.list():
            if _endpoint.service_id == service.id and \
                    _endpoint.interface == interface:
                endpoint = _endpoint
                if endpoint.url != url:
                    changed = True
                    cloud.keystone_client.endpoints.update(endpoint, url=url)
                break
        else:
            changed = True
            cloud.keystone_client.endpoints.create(service=service.id,
                                                   url=url,
                                                   interface=interface,
                                                   region=endpoint_region)

        module.exit_json(changed=changed)
    except Exception:
        module.exit_json(failed=True,
                         changed=True,
                         msg=repr(traceback.format_exc()))
Exemple #8
0
def main():
    argument_spec = openstack_full_argument_spec(password=dict(required=True,
                                                               type='str'),
                                                 project=dict(required=True,
                                                              type='str'),
                                                 role=dict(required=True,
                                                           type='str'),
                                                 user=dict(required=True,
                                                           type='str'))
    module = AnsibleModule(argument_spec)

    try:
        password = module.params.pop('password')
        project_name = module.params.pop('project')
        role_name = module.params.pop('role')
        user_name = module.params.pop('user')

        changed = False
        project = None
        role = None
        user = None

        cloud = shade.operator_cloud(**module.params)

        for _project in cloud.keystone_client.projects.list():
            if _project.name == project_name:
                project = _project

        for _role in cloud.keystone_client.roles.list():
            if _role.name == role_name:
                role = _role

        for _user in cloud.keystone_client.users.list():
            if _user.name == user_name:
                user = _user

        if not project:
            changed = True
            project = cloud.keystone_client.projects.create(name=project_name,
                                                            domain='default')

        if not role:
            changed = True
            role = cloud.keystone_client.roles.create(name=role_name)

        if not user:
            changed = True
            user = cloud.keystone_client.users.create(name=user_name,
                                                      password=password,
                                                      project=project)
            cloud.keystone_client.roles.grant(role=role,
                                              user=user,
                                              project=project)

        module.exit_json(changed=changed)
    except Exception:
        module.exit_json(failed=True,
                         changed=True,
                         msg=repr(traceback.format_exc()))
    def get_cloud(self):
        """ Get shade openstack and operator cloud objects

        :return: cloud, opcloud are the shade openstack and operator objects
        """
        cloud = shade.openstack_cloud()
        opcloud = shade.operator_cloud()
        return cloud, opcloud
Exemple #10
0
def get_shade_operator_client(**os_cloud_config):
    """Get Shade Operator cloud client

    :return: ``shade.OperatorCloud`` object.
    """
    params = copy.deepcopy(constants.OS_CLOUD_DEFAULT_CONFIG)
    params.update(os_cloud_config)
    return shade.operator_cloud(**params)
Exemple #11
0
def main():
    argument_spec = openstack_full_argument_spec(
        state        = dict(required=False, default='present',
                            choices=['absent', 'present']),
        name         = dict(required=True),
        host         = dict(required=True),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(
        argument_spec,
        supports_check_mode=True, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    state = module.params['state']
    name = module.params['name']
    hostname_or_id = module.params['host']

    try:
        cloud = shade.operator_cloud(**module.params)
        agg = _get_aggregate(cloud, name)
        host = _get_host(cloud, hostname_or_id)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(module, agg, host))

        if state == 'present':
            for resource in ((host, hostname_or_id), (agg, name)):
                if not resource[0]:
                    module.fail_json(msg="No matches found for %s" %
                                     resource[1])
            if not _host_exists(agg, host):
                agg = cloud.nova_client.aggregates.add_host(
                        aggregate=agg,
                        host=host.service['host'])
                changed=True
            else:
                changed=False

            module.exit_json(changed=changed,
                             agg=agg.to_dict(),
                             hosts=agg.hosts)

        elif state == 'absent':
            if not host or not agg:
                module.exit_json(changed=False)
            elif _host_exists(agg, host):
                agg = cloud.nova_client.aggregates.remove_host(
                        aggregate=agg,
                        host=host.service['host'])
                module.exit_json(changed=True)
            else:
                module.exit_json(changed=False)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
def _build_client(module):
    """Create and return an Ironic inspector client."""
    cloud = shade.operator_cloud(**module.params)
    session = cloud.cloud_config.get_session()
    client = ironic_inspector_client.v1.ClientV1(
        inspector_url=module.params['inspector_url'],
        session=session, region_name=module.params['region_name'],
        api_version=ironic_inspector_client.v1.MAX_API_VERSION)
    return client
Exemple #13
0
    def setUp(self):
        super(TestFlavor, self).setUp()
        self.demo_cloud = shade.openstack_cloud(cloud="devstack")
        self.operator_cloud = shade.operator_cloud(cloud="devstack-admin")

        # Generate a random name for flavors in this test
        self.new_item_name = "flavor_" + "".join(random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_flavors)
Exemple #14
0
def main():
    argument_spec = openstack_full_argument_spec(
        name=dict(required=True),
        description=dict(required=False, default=None),
        domain_id=dict(required=False, default=None),
        state=dict(default='present', choices=['absent', 'present']),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec,
                           supports_check_mode=True,
                           **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    name = module.params.pop('name')
    description = module.params.pop('description')
    domain_id = module.params.pop('domain_id')
    state = module.params.pop('state')

    try:
        cloud = shade.operator_cloud(**module.params)
        if domain_id:
            group = cloud.get_group(name, filters={'domain_id': domain_id})
        else:
            group = cloud.get_group(name)

        if module.check_mode:
            module.exit_json(
                changed=_system_state_change(state, description, group))

        if state == 'present':
            if group is None:
                group = cloud.create_group(name=name,
                                           description=description,
                                           domain=domain_id)
                changed = True
            else:
                if description is not None and group.description != description:
                    group = cloud.update_group(group.id,
                                               description=description)
                    changed = True
                else:
                    changed = False
            module.exit_json(changed=changed, group=group)

        elif state == 'absent':
            if group is None:
                changed = False
            else:
                cloud.delete_group(group.id)
                changed = True
            module.exit_json(changed=changed)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
def main():

    argument_spec = openstack_full_argument_spec(
        name=dict(required=True),
        description=dict(default=None),
        enabled=dict(default=True, type="bool"),
        state=dict(default="present", choices=["absent", "present"]),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec, supports_check_mode=True, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg="shade is required for this module")

    name = module.params["name"]
    description = module.params["description"]
    enabled = module.params["enabled"]
    state = module.params["state"]

    try:
        cloud = shade.operator_cloud(**module.params)

        domains = cloud.search_domains(filters=dict(name=name))

        if len(domains) > 1:
            module.fail_json(msg="Domain name %s is not unique" % name)
        elif len(domains) == 1:
            domain = domains[0]
        else:
            domain = None

        if module.check_mode:
            module.exit_json(changed=_system_state_change(module, domain))

        if state == "present":
            if domain is None:
                domain = cloud.create_domain(name=name, description=description, enabled=enabled)
                changed = True
            else:
                if _needs_update(module, domain):
                    domain = cloud.update_domain(domain.id, name=name, description=description, enabled=enabled)
                    changed = True
                else:
                    changed = False
            module.exit_json(changed=changed, domain=domain, id=domain.id)

        elif state == "absent":
            if domain is None:
                changed = False
            else:
                cloud.delete_domain(domain.id)
                changed = True
            module.exit_json(changed=changed)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #16
0
def main():
    argument_spec = openstack_full_argument_spec(
        state=dict(required=False,
                   default='present',
                   choices=['absent', 'present']),
        name=dict(required=True),
        host=dict(required=True),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec,
                           supports_check_mode=True,
                           **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    state = module.params['state']
    name = module.params['name']
    hostname_or_id = module.params['host']

    try:
        cloud = shade.operator_cloud(**module.params)
        agg = _get_aggregate(cloud, name)
        host = _get_host(cloud, hostname_or_id)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(module, agg, host))

        if state == 'present':
            for resource in ((host, hostname_or_id), (agg, name)):
                if not resource[0]:
                    module.fail_json(msg="No matches found for %s" %
                                     resource[1])
            if not _host_exists(agg, host):
                agg = cloud.nova_client.aggregates.add_host(
                    aggregate=agg, host=host.service['host'])
                changed = True
            else:
                changed = False

            module.exit_json(changed=changed,
                             agg=agg.to_dict(),
                             hosts=agg.hosts)

        elif state == 'absent':
            if not host or not agg:
                module.exit_json(changed=False)
            elif _host_exists(agg, host):
                agg = cloud.nova_client.aggregates.remove_host(
                    aggregate=agg, host=host.service['host'])
                module.exit_json(changed=True)
            else:
                module.exit_json(changed=False)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #17
0
    def setUp(self):
        super(TestServices, self).setUp()
        self.operator_cloud = operator_cloud(cloud='devstack-admin')

        # Generate a random name for services in this test
        self.new_service_name = 'test_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_services)
def main():
    argument_spec = openstack_full_argument_spec(
        password=dict(required=True, type='str'),
        project=dict(required=True, type='str'),
        role=dict(required=True, type='str'),
        user=dict(required=True, type='str')
    )
    module = AnsibleModule(argument_spec)

    try:
        password = module.params.pop('password')
        project_name = module.params.pop('project')
        role_name = module.params.pop('role')
        user_name = module.params.pop('user')

        changed = False
        project = None
        role = None
        user = None

        cloud = shade.operator_cloud(**module.params)

        for _project in cloud.keystone_client.projects.list():
            if _project.name == project_name:
                project = _project

        for _role in cloud.keystone_client.roles.list():
            if _role.name == role_name:
                role = _role

        for _user in cloud.keystone_client.users.list():
            if _user.name == user_name:
                user = _user

        if not project:
            changed = True
            project = cloud.keystone_client.projects.create(
                name=project_name, domain='default')

        if not role:
            changed = True
            role = cloud.keystone_client.roles.create(name=role_name)

        if not user:
            changed = True
            user = cloud.keystone_client.users.create(name=user_name,
                                                      password=password,
                                                      project=project)
            cloud.keystone_client.roles.grant(role=role,
                                              user=user,
                                              project=project)

        module.exit_json(changed=changed)
    except Exception:
        module.exit_json(failed=True, changed=True,
                         msg=repr(traceback.format_exc()))
Exemple #19
0
    def setUp(self):
        super(TestServices, self).setUp()
        # Shell should have OS-* envvars from openrc, typically loaded by job
        self.operator_cloud = operator_cloud()

        # Generate a random name for services in this test
        self.new_service_name = 'test_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_services)
Exemple #20
0
    def setUp(self):
        super(TestFlavor, self).setUp()
        # Shell should have OS-* envvars from openrc, typically loaded by job
        self.operator_cloud = shade.operator_cloud()

        # Generate a random name for flavors in this test
        self.new_item_name = 'flavor_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_flavors)
Exemple #21
0
    def setUp(self):
        super(TestFlavor, self).setUp()
        # Shell should have OS-* envvars from openrc, typically loaded by job
        self.operator_cloud = shade.operator_cloud()

        # Generate a random name for flavors in this test
        self.new_item_name = 'flavor_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_flavors)
Exemple #22
0
    def setUp(self):
        super(TestEndpoints, self).setUp()
        self.operator_cloud = operator_cloud(cloud='devstack-admin')

        # Generate a random name for services and regions in this test
        self.new_item_name = 'test_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_services)
        self.addCleanup(self._cleanup_endpoints)
Exemple #23
0
def _build_client(module):
    """Create and return an Ironic inspector client."""
    cloud = shade.operator_cloud(**module.params)
    session = cloud.cloud_config.get_session()
    client = ironic_inspector_client.v1.ClientV1(
        inspector_url=module.params['inspector_url'],
        session=session,
        region_name=module.params['region_name'],
        api_version=ironic_inspector_client.v1.MAX_API_VERSION)
    return client
Exemple #24
0
    def setUp(self):
        super(TestFlavor, self).setUp()
        self.demo_cloud = shade.openstack_cloud(cloud='devstack')
        self.operator_cloud = shade.operator_cloud(cloud='devstack-admin')

        # Generate a random name for flavors in this test
        self.new_item_name = 'flavor_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_flavors)
Exemple #25
0
    def setUp(self):
        super(TestServices, self).setUp()
        # Shell should have OS-* envvars from openrc, typically loaded by job
        self.operator_cloud = operator_cloud()

        # Generate a random name for services in this test
        self.new_service_name = 'test_' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))

        self.addCleanup(self._cleanup_services)
Exemple #26
0
def main():
    argument_spec = openstack_full_argument_spec(
        name=dict(required=True),
        description=dict(required=False, default=None),
        domain_id=dict(required=False, default=None),
        state=dict(default='present', choices=['absent', 'present']),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec,
                           supports_check_mode=True,
                           **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    name = module.params.pop('name')
    description = module.params.pop('description')
    domain_id = module.params.pop('domain_id')
    state = module.params.pop('state')

    try:
        cloud = shade.operator_cloud(**module.params)
        if domain_id:
            group = cloud.get_group(name, filters={'domain_id': domain_id})
        else:
            group = cloud.get_group(name)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(state, description, group))

        if state == 'present':
            if group is None:
                group = cloud.create_group(
                    name=name, description=description, domain=domain_id)
                changed = True
            else:
                if description is not None and group.description != description:
                    group = cloud.update_group(
                        group.id, description=description)
                    changed = True
                else:
                    changed = False
            module.exit_json(changed=changed, group=group)

        elif state == 'absent':
            if group is None:
                changed=False
            else:
                cloud.delete_group(group.id)
                changed=True
            module.exit_json(changed=changed)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #27
0
def get_operator_cloud(auth=None):
    '''
    Return an operator_cloud
    '''
    if auth is None:
        auth = __salt__['config.option']('neutron', {})
    if 'shade_opcloud' in __context__:
        if __context__['shade_opcloud'].auth == auth:
            return __context__['shade_opcloud']
    __context__['shade_opcloud'] = shade.operator_cloud(**auth)
    return __context__['shade_opcloud']
    def setUp(self):
        """Setup Noauth OperatorCloud tests

        Setup the test to utilize no authentication and an endpoint
        URL in the auth data.  This is permits testing of the basic
        mechanism that enables Ironic noauth mode to be utilized with
        Shade.
        """
        super(TestShadeOperatorNoAuth, self).setUp()
        self.cloud_noauth = shade.operator_cloud(
            auth_type='None', auth=dict(endpoint="http://localhost:6385"))
Exemple #29
0
def get_operator_cloud(auth=None):
    """
    Return an operator_cloud
    """
    if auth is None:
        auth = __salt__["config.option"]("keystone", {})
    if "shade_opcloud" in __context__:
        if __context__["shade_opcloud"].auth == auth:
            return __context__["shade_opcloud"]
    __context__["shade_opcloud"] = shade.operator_cloud(**auth)
    return __context__["shade_opcloud"]
def main():
    argument_spec = openstack_full_argument_spec(
        auth_type=dict(required=False),
        uuid=dict(required=False),
        name=dict(required=False),
        mac=dict(required=False),
        ironic_url=dict(required=False),
        timeout=dict(default=1200, type='int', required=False),
    )
    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')
    if StrictVersion(shade.__version__) < StrictVersion('1.0.0'):
        module.fail_json(msg="To utilize this module, the installed version of"
                             "the shade library MUST be >=1.0.0")

    if (module.params['auth_type'] in [None, 'None'] and
            module.params['ironic_url'] is None):
        module.fail_json(msg="Authentication appears to be disabled, "
                             "Please define an ironic_url parameter")

    if (module.params['ironic_url'] and
            module.params['auth_type'] in [None, 'None']):
        module.params['auth'] = dict(
            endpoint=module.params['ironic_url']
        )

    try:
        cloud = shade.operator_cloud(**module.params)

        if module.params['name'] or module.params['uuid']:
            server = cloud.get_machine(_choose_id_value(module))
        elif module.params['mac']:
            server = cloud.get_machine_by_mac(module.params['mac'])
        else:
            module.fail_json(msg="The worlds did not align, "
                                 "the host was not found as "
                                 "no name, uuid, or mac was "
                                 "defined.")
        if server:
            cloud.inspect_machine(server['uuid'], module.params['wait'])
            # TODO(TheJulia): diff properties, ?and ports? and determine
            # if a change occurred.  In theory, the node is always changed
            # if introspection is able to update the record.
            module.exit_json(changed=True,
                             ansible_facts=server['properties'])

        else:
            module.fail_json(msg="node not found.")

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #31
0
def main():
    argument_spec = openstack_full_argument_spec(
        auth_type=dict(required=False),
        uuid=dict(required=False),
        name=dict(required=False),
        mac=dict(required=False),
        ironic_url=dict(required=False),
        timeout=dict(default=1200, type='int', required=False),
    )
    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')
    if StrictVersion(shade.__version__) < StrictVersion('1.0.0'):
        module.fail_json(msg="To utilize this module, the installed version of"
                             "the shade library MUST be >=1.0.0")

    if (module.params['auth_type'] in [None, 'None'] and
            module.params['ironic_url'] is None):
        module.fail_json(msg="Authentication appears to be disabled, "
                             "Please define an ironic_url parameter")

    if (module.params['ironic_url'] and
            module.params['auth_type'] in [None, 'None']):
        module.params['auth'] = dict(
            endpoint=module.params['ironic_url']
        )

    try:
        cloud = shade.operator_cloud(**module.params)

        if module.params['name'] or module.params['uuid']:
            server = cloud.get_machine(_choose_id_value(module))
        elif module.params['mac']:
            server = cloud.get_machine_by_mac(module.params['mac'])
        else:
            module.fail_json(msg="The worlds did not align, "
                                 "the host was not found as "
                                 "no name, uuid, or mac was "
                                 "defined.")
        if server:
            cloud.inspect_machine(server['uuid'], module.params['wait'])
            # TODO(TheJulia): diff properties, ?and ports? and determine
            # if a change occurred.  In theory, the node is always changed
            # if introspection is able to update the record.
            module.exit_json(changed=True,
                             ansible_facts=server['properties'])

        else:
            module.fail_json(msg="node not found.")

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
    def test_ironic_noauth_none_auth_type(self):
        """Test noauth selection for Ironic in OperatorCloud

        The new way of doing this is with the keystoneauth none plugin.
        """
        self.cloud_noauth = shade.operator_cloud(
            auth_type='none',
            baremetal_endpoint_override="https://bare-metal.example.com")

        self.cloud_noauth.list_machines()

        self.assert_calls()
Exemple #33
0
def main():
    module = AnsibleModule(argument_spec=openstack_full_argument_spec(
        password=dict(required=True, type='str'),
        project=dict(required=True, type='str'),
        role=dict(required=True, type='str'),
        user=dict(required=True, type='str')))

    try:
        password = module.params.pop('password')
        project_name = module.params.pop('project')
        role_name = module.params.pop('role')
        user_name = module.params.pop('user')

        changed = False
        project = None
        role = None
        user = None

        cloud = shade.operator_cloud(**module.params)

        for _project in cloud.keystone_client.tenants.list():
            if _project.name == project_name:
                project = _project

        for _role in cloud.keystone_client.roles.list():
            if _role.name == role_name:
                role = _role

        for _user in cloud.keystone_client.users.list():
            if _user.name == user_name:
                user = _user

        if not project:
            changed = True
            project = cloud.keystone_client.tenants.create(
                tenant_name=project_name)

        if not role:
            changed = True
            role = cloud.keystone_client.roles.create(name=role_name)

        if not user:
            changed = True
            user = cloud.keystone_client.users.create(name=user_name,
                                                      password=password,
                                                      tenant_id=project.id)
            cloud.keystone_client.roles.add_user_role(role=role.id,
                                                      user=user.id,
                                                      tenant=project.id)

        module.exit_json(changed=changed)
    except Exception as e:
        module.exit_json(failed=True, changed=True, msg=e)
def main():
    argument_spec = openstack_full_argument_spec(
        description=dict(required=True, type='str'),
        service_name=dict(required=True, type='str'),
        service_type=dict(required=True, type='str'),
        admin_url=dict(required=True, type='str'),
        internal_url=dict(required=True, type='str'),
        public_url=dict(required=True, type='str'),
        endpoint_region=dict(required=True, type='str')
    )
    module = AnsibleModule(argument_spec)

    try:
        description = module.params.pop('description')
        service_name = module.params.pop('service_name')
        service_type = module.params.pop('service_type')
        admin_url = module.params.pop('admin_url')
        internal_url = module.params.pop('internal_url')
        public_url = module.params.pop('public_url')
        endpoint_region = module.params.pop('endpoint_region')

        changed = False
        service = None
        endpoint = None

        cloud = shade.operator_cloud(**module.params)

        for _service in cloud.keystone_client.services.list():
            if _service.type == service_type:
                service = _service

        if service is not None:
            for _endpoint in cloud.keystone_client.endpoints.list():
                if _endpoint.service_id == service.id:
                    endpoint = _endpoint
        else:
            service = cloud.keystone_client.services.create(
                name=service_name,
                service_type=service_type,
                description=description)

        if endpoint is None:
            changed = True
            cloud.keystone_client.endpoints.create(
                service_id=service.id,
                adminurl=admin_url,
                internalurl=internal_url,
                publicurl=public_url,
                region=endpoint_region)

        module.exit_json(changed=changed)
    except Exception as e:
        module.exit_json(failed=True, changed=True, msg=e)
Exemple #35
0
def openstack_cloud_from_module(module, min_version=None):
    from distutils.version import StrictVersion
    try:
        import shade
    except ImportError:
        module.fail_json(msg='shade is required for this module')

    if min_version:
        if StrictVersion(shade.__version__) < StrictVersion(min_version):
            module.fail_json(
                msg="To utilize this module, the installed version of"
                "the shade library MUST be >={min_version}".format(
                    min_version=min_version))

    cloud_config = module.params.pop('cloud', None)
    if isinstance(cloud_config, dict):
        fail_message = (
            "A cloud config dict was provided to the cloud parameter"
            " but also a value was provided for {param}. If a cloud"
            " config dict is provided, {param} should be"
            " excluded.")
        for param in ('auth', 'region_name', 'verify', 'cacert', 'key',
                      'api_timeout', 'interface'):
            if module.params[param] is not None:
                module.fail_json(fail_message.format(param=param))
        if module.params['auth_type'] != 'password':
            module.fail_json(fail_message.format(param='auth_type'))
        return shade, shade.operator_cloud(**cloud_config)
    else:
        return shade, shade.operator_cloud(
            cloud=cloud_config,
            auth_type=module.params['auth_type'],
            auth=module.params['auth'],
            region_name=module.params['region_name'],
            verify=module.params['verify'],
            cacert=module.params['cacert'],
            key=module.params['key'],
            api_timeout=module.params['api_timeout'],
            interface=module.params['interface'],
        )
def main():
    argument_spec = openstack_full_argument_spec(
        description=dict(required=True, type='str'),
        service_name=dict(required=True, type='str'),
        service_type=dict(required=True, type='str'),
        url=dict(required=True, type='str'),
        interface=dict(required=True, type='str'),
        endpoint_region=dict(required=True, type='str')
    )
    module = AnsibleModule(argument_spec)

    try:
        description = module.params.pop('description')
        service_name = module.params.pop('service_name')
        service_type = module.params.pop('service_type')
        url = module.params.pop('url')
        interface = module.params.pop('interface')
        endpoint_region = module.params.pop('endpoint_region')

        changed = False
        service = None
        endpoint = None

        cloud = shade.operator_cloud(**module.params)

        for _service in cloud.keystone_client.services.list():
            if _service.type == service_type:
                service = _service

        if service is not None:
            for _endpoint in cloud.keystone_client.endpoints.list():
                if _endpoint.service_id == service.id and \
                   _endpoint.interface == interface:
                    endpoint = _endpoint
        else:
            service = cloud.keystone_client.services.create(
                name=service_name,
                service_type=service_type,
                description=description)

        if endpoint is None:
            changed = True
            cloud.keystone_client.endpoints.create(
                service=service.id,
                url=url,
                interface=interface,
                region=endpoint_region)

        module.exit_json(changed=changed)
    except Exception:
        module.exit_json(failed=True, changed=True,
                         msg=repr(traceback.format_exc()))
Exemple #37
0
    def setUp(self):
        """Setup Noauth OperatorCloud tests

        Setup the test to utilize no authentication and an endpoint
        URL in the auth data.  This is permits testing of the basic
        mechanism that enables Ironic noauth mode to be utilized with
        Shade.
        """
        super(TestShadeOperatorNoAuth, self).setUp()
        self.cloud_noauth = shade.operator_cloud(
            auth_type='None',
            auth=dict(endpoint="http://localhost:6385")
        )
    def test_ironic_noauth_admin_token_auth_type(self):
        """Test noauth selection for Ironic in OperatorCloud

        The old way of doing this was to abuse admin_token.
        """
        self.cloud_noauth = shade.operator_cloud(
            auth_type='admin_token',
            auth=dict(endpoint='https://bare-metal.example.com/v1',
                      token='ignored'))

        self.cloud_noauth.list_machines()

        self.assert_calls()
def main():
    argument_spec = openstack_full_argument_spec(
        description=dict(required=True, type='str'),
        service_name=dict(required=True, type='str'),
        service_type=dict(required=True, type='str'),
        admin_url=dict(required=True, type='str'),
        internal_url=dict(required=True, type='str'),
        public_url=dict(required=True, type='str'),
        endpoint_region=dict(required=True, type='str'))
    module = AnsibleModule(argument_spec)

    try:
        description = module.params.pop('description')
        service_name = module.params.pop('service_name')
        service_type = module.params.pop('service_type')
        admin_url = module.params.pop('admin_url')
        internal_url = module.params.pop('internal_url')
        public_url = module.params.pop('public_url')
        endpoint_region = module.params.pop('endpoint_region')

        changed = False
        service = None
        endpoint = None

        cloud = shade.operator_cloud(**module.params)

        for _service in cloud.keystone_client.services.list():
            if _service.type == service_type:
                service = _service

        if service is not None:
            for _endpoint in cloud.keystone_client.endpoints.list():
                if _endpoint.service_id == service.id:
                    endpoint = _endpoint
        else:
            service = cloud.keystone_client.services.create(
                name=service_name,
                service_type=service_type,
                description=description)

        if endpoint is None:
            changed = True
            cloud.keystone_client.endpoints.create(service_id=service.id,
                                                   adminurl=admin_url,
                                                   internalurl=internal_url,
                                                   publicurl=public_url,
                                                   region=endpoint_region)

        module.exit_json(changed=changed)
    except Exception as e:
        module.exit_json(failed=True, changed=True, msg=e)
Exemple #40
0
def main():
    module = AnsibleModule(
        argument_spec = openstack_full_argument_spec(
            password = dict(required=True, type='str'),
            project = dict(required=True, type='str'),
            role = dict(required=True, type='str'),
            user = dict(required=True, type='str')
        )
    )

    try:
        password = module.params.pop('password')
        project_name = module.params.pop('project')
        role_name = module.params.pop('role')
        user_name = module.params.pop('user')

        changed = False
        project = None
        role = None
        user = None

        cloud = shade.operator_cloud(**module.params)

        for _project in cloud.keystone_client.tenants.list():
            if _project.name == project_name:
                project = _project

        for _role in cloud.keystone_client.roles.list():
            if _role.name == role_name:
                role = _role

        for _user in cloud.keystone_client.users.list():
            if _user.name == user_name:
                user = _user

        if not project:
            changed = True
            project = cloud.keystone_client.tenants.create(tenant_name=project_name)

        if not role:
            changed = True
            role = cloud.keystone_client.roles.create(name=role_name)

        if not user:
            changed = True
            user = cloud.keystone_client.users.create(name=user_name, password=password, tenant_id=project.id)
            cloud.keystone_client.roles.add_user_role(role=role.id, user=user.id, tenant=project.id)

        module.exit_json(changed=changed)
    except Exception as e:
        module.exit_json(failed=True, changed=True, msg=e)
Exemple #41
0
    def setUp(self):
        super(TestIdentity, self).setUp()
        self.cloud = operator_cloud(cloud='devstack-admin')
        self.role_prefix = 'test_role' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))
        self.user_prefix = self.getUniqueString('user')
        self.group_prefix = self.getUniqueString('group')

        self.addCleanup(self._cleanup_users)
        self.identity_version = \
            self.cloud.cloud_config.get_api_version('identity')
        if self.identity_version not in ('2', '2.0'):
            self.addCleanup(self._cleanup_groups)
        self.addCleanup(self._cleanup_roles)
Exemple #42
0
    def setUp(self):
        super(TestIdentity, self).setUp()
        self.cloud = operator_cloud(cloud='devstack-admin')
        self.role_prefix = 'test_role' + ''.join(
            random.choice(string.ascii_lowercase) for _ in range(5))
        self.user_prefix = self.getUniqueString('user')
        self.group_prefix = self.getUniqueString('group')

        self.addCleanup(self._cleanup_users)
        self.identity_version = \
            self.cloud.cloud_config.get_api_version('identity')
        if self.identity_version not in ('2', '2.0'):
            self.addCleanup(self._cleanup_groups)
        self.addCleanup(self._cleanup_roles)
Exemple #43
0
def _build_client(module):
    """Create and return an Ironic inspector client."""
    cloud = shade.operator_cloud(**module.params)
    session = cloud.cloud_config.get_session()
    # Ensure the requested API version is supported.
    # API 1.14 is the latest API version available in Rocky.
    api_version = (1, 14)
    client = ironic_inspector_client.v1.ClientV1(
        inspector_url=module.params['inspector_url'],
        interface=module.params['interface'],
        session=session,
        region_name=module.params['region_name'],
        api_version=api_version)
    return client
def main():

    argument_spec = openstack_full_argument_spec(
        nodes_details=dict(type='list', required=True),
        ironic_url=dict(required=False),
    )
    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')
    if (module.params['auth_type'] in [None, 'None']
            and module.params['ironic_url'] is None):
        module.fail_json(msg="Authentication appears to be disabled, "
                         "Please define an ironic_url parameter")

    if (module.params['ironic_url']
            and module.params['auth_type'] in [None, 'None']):
        module.params['auth'] = dict(endpoint=module.params['ironic_url'])

    try:
        cloud = shade.operator_cloud(**module.params)

        nodes_details = module.params['nodes_details']
        provision_pending_list = []
        provision_failed_list = []

        for node in nodes_details:
            node_name = node['name']
            node_details = cloud.get_machine(node_name)

            if node_details['provision_state'] in [
                    'deploying', 'wait call-back'
            ]:
                provision_pending_list.append(node_name)

            if node_details['provision_state'] in ['deploy failed']:
                node_provision_state = {}
                node_provision_state['name'] = node_name
                node_provision_state['provision_state'] = node_details[
                    'provision_state']
                provision_failed_list.append(node_provision_state)

        module.exit_json(changed=False,
                         ansible_facts=dict(
                             provision_pending_list=provision_pending_list,
                             provision_failed_list=provision_failed_list))

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #45
0
def main():
    argument_spec = openstack_full_argument_spec(
        state        = dict(required=False, default='present',
                            choices=['absent', 'present']),
        name         = dict(required=True),
        az           = dict(required=False),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(
        argument_spec,
        supports_check_mode=True, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    state = module.params['state']
    name = module.params['name']
    az = module.params['az']

    try:
        cloud = shade.operator_cloud(**module.params)
        agg = _get_aggregate(cloud, name)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(module, agg))

        if state == 'present':
            if not agg:
                agg = cloud.nova_client.aggregates.create(
                    name=name,
                    availability_zone=az,
                )
                changed=True
            else:
                changed=False

            module.exit_json(changed=changed,
                             agg=agg.to_dict(),
                             id=agg.id)

        elif state == 'absent':
            if agg:
                cloud.nova_client.aggregates.delete(agg)
                module.exit_json(changed=True)
            module.exit_json(changed=False)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #46
0
def main():

    argument_spec = openstack_full_argument_spec(
        name=dict(required=False, default=None),
        domain=dict(required=False, default=None),
        filters=dict(required=False, type='dict', default=None),
    )

    module = AnsibleModule(argument_spec)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    try:
        name = module.params['name']
        domain = module.params['domain']
        filters = module.params['filters']

        opcloud = shade.operator_cloud(**module.params)
        # module.exit_json(changed=False, ansible_facts=dict(
        #     openstack_prjects=opcloud.cloud_config.get_auth_args()))

        if domain:
            try:
                # We assume admin is passing domain id
                dom = opcloud.get_domain(domain)['id']
                domain = dom
            except:
                # If we fail, maybe admin is passing a domain name.
                # Note that domains have unique names, just like id.
                dom = opcloud.search_domains(filters={'name': domain})
                if dom:
                    domain = dom[0]['id']
                else:
                    module.fail_json(msg='Domain name or ID does not exist')

            if not filters:
                filters = {}

            filters['domain_id'] = domain

        # projects = opcloud.search_projects(name, filters)
        projects = opcloud.list_projects(name, filters)
        module.exit_json(changed=False,
                         ansible_facts=dict(openstack_projects=projects))

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #47
0
def main():
    argument_spec = openstack_full_argument_spec(
        state=dict(required=False,
                   default='present',
                   choices=['absent', 'present']),
        name=dict(required=True),
        az=dict(required=False),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec,
                           supports_check_mode=True,
                           **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    state = module.params['state']
    name = module.params['name']
    az = module.params['az']

    try:
        cloud = shade.operator_cloud(**module.params)
        agg = _get_aggregate(cloud, name)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(module, agg))

        if state == 'present':
            if not agg:
                agg = cloud.nova_client.aggregates.create(
                    name=name,
                    availability_zone=az,
                )
                changed = True
            else:
                changed = False

            module.exit_json(changed=changed, agg=agg.to_dict(), id=agg.id)

        elif state == 'absent':
            if agg:
                cloud.nova_client.aggregates.delete(agg)
                module.exit_json(changed=True)
            module.exit_json(changed=False)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
def main():
    argument_spec = openstack_full_argument_spec(
        auth_type=dict(required=False),
        uuid=dict(required=False),
        name=dict(required=False),
        mac=dict(required=False),
        ironic_url=dict(required=False),
    )
    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg="shade is required for this module")
    if module.params["auth_type"] in [None, "None"] and module.params["ironic_url"] is None:
        module.fail_json(msg="Authentication appears to be disabled, " "Please define an ironic_url parameter")

    if module.params["ironic_url"] and module.params["auth_type"] in [None, "None"]:
        module.params["auth"] = dict(endpoint=module.params["ironic_url"])

    try:
        cloud = shade.operator_cloud(**module.params)

        if module.params["name"] or module.params["uuid"]:
            server = cloud.get_machine(_choose_id_value(module))
        elif module.params["mac"]:
            server = cloud.get_machine_by_mac(module.params["mac"])
        else:
            module.fail_json(
                msg="The worlds did not align, " "the host was not found as " "no name, uuid, or mac was " "defined."
            )
        if server:
            facts = dict(server)
            new_driver_info = dict()
            # Rebuild driver_info to remove any password
            # fields as they can be masked.
            for key, value in six.iteritems(facts["driver_info"]):
                if "password" not in key:
                    new_driver_info[key] = value
            if new_driver_info:
                facts["driver_info"] = new_driver_info
            module.exit_json(changed=False, ansible_facts=facts)

        else:
            module.fail_json(msg="node not found.")

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=e.message)
Exemple #49
0
def main():

    argument_spec = openstack_full_argument_spec(
        name=dict(required=False, default=None),
        domain=dict(required=False, default=None),
        filters=dict(required=False, type='dict', default=None),
    )

    module = AnsibleModule(argument_spec)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    try:
        name = module.params['name']
        domain = module.params['domain']
        filters = module.params['filters']

        opcloud = shade.operator_cloud(**module.params)

        if domain:
            try:
                # We assume admin is passing domain id
                dom = opcloud.get_domain(domain)['id']
                domain = dom
            except:
                # If we fail, maybe admin is passing a domain name.
                # Note that domains have unique names, just like id.
                dom = opcloud.search_domains(filters={'name': domain})
                if dom:
                    domain = dom[0]['id']
                else:
                    module.fail_json(msg='Domain name or ID does not exist')

            if not filters:
                filters = {}

            filters['domain_id'] = domain

        users = opcloud.search_users(name,
                                        filters)
        module.exit_json(changed=False, ansible_facts=dict(
            openstack_users=users))

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
    def test_ironic_noauth_none_auth_type(self):
        """Test noauth selection for Ironic in OperatorCloud

        The new way of doing this is with the keystoneauth none plugin.
        """
        # NOTE(TheJulia): When we are using the python-ironicclient
        # library, the library will automatically prepend the URI path
        # with 'v1'. As such, since we are overriding the endpoint,
        # we must explicitly do the same as we move away from the
        # client library.
        self.cloud_noauth = shade.operator_cloud(
            auth_type='none',
            baremetal_endpoint_override="https://bare-metal.example.com/v1")

        self.cloud_noauth.list_machines()

        self.assert_calls()
Exemple #51
0
def _process_shade(groups, hostvars):
    """Retrieve inventory utilizing Shade"""
    options = _identify_shade_auth()
    cloud = shade.operator_cloud(**options)
    machines = cloud.list_machines()

    node_names = os.environ.get('BIFROST_NODE_NAMES', None)
    if node_names:
        node_names = node_names.split(',')

    for machine in machines:
        if 'properties' not in machine:
            machine = cloud.get_machine(machine['uuid'])
        if machine['name'] is None:
            name = machine['uuid']
        else:
            name = machine['name']

        if node_names and name not in node_names:
            continue

        new_machine = {}
        for key, value in machine.items():
            # NOTE(TheJulia): We don't want to pass infomrational links
            # nor do we want to pass links about the ports since they
            # are API endpoint URLs.
            if key not in ['links', 'ports']:
                new_machine[key] = value

        # NOTE(TheJulia): Collect network information, enumerate through
        # and extract important values, presently MAC address. Once done,
        # return the network information to the inventory.
        nics = cloud.list_nics_for_machine(machine['uuid'])
        new_nics = []
        for nic in nics:
            new_nic = {}
            if 'address' in nic:
                new_nic['mac'] = nic['address']
            new_nics.append(new_nic)
        new_machine['nics'] = new_nics

        new_machine['addressing_mode'] = "dhcp"
        groups['baremetal']['hosts'].append(name)
        hostvars.update({name: new_machine})
    return (groups, hostvars)
Exemple #52
0
def _process_shade(groups, hostvars):
    """Retrieve inventory utilizing Shade"""
    options = _identify_shade_auth()
    cloud = shade.operator_cloud(**options)
    machines = cloud.list_machines()

    node_names = os.environ.get('BIFROST_NODE_NAMES', None)
    if node_names:
        node_names = node_names.split(',')

    for machine in machines:
        if 'properties' not in machine:
            machine = cloud.get_machine(machine['uuid'])
        if machine['name'] is None:
            name = machine['uuid']
        else:
            name = machine['name']

        if node_names and name not in node_names:
            continue

        new_machine = {}
        for key, value in machine.items():
            # NOTE(TheJulia): We don't want to pass infomrational links
            # nor do we want to pass links about the ports since they
            # are API endpoint URLs.
            if key not in ['links', 'ports']:
                new_machine[key] = value

        # NOTE(TheJulia): Collect network information, enumerate through
        # and extract important values, presently MAC address. Once done,
        # return the network information to the inventory.
        nics = cloud.list_nics_for_machine(machine['uuid'])
        new_nics = []
        for nic in nics:
            new_nic = {}
            if 'address' in nic:
                new_nic['mac'] = nic['address']
            new_nics.append(new_nic)
        new_machine['nics'] = new_nics

        new_machine['addressing_mode'] = "dhcp"
        groups['baremetal']['hosts'].append(name)
        hostvars.update({name: new_machine})
    return (groups, hostvars)
Exemple #53
0
    def __init__(self, options: argparse.Namespace) -> None:
        self.options = options

        self.revoke_role_after_purge = False
        self.disable_project_after_purge = False

        self.cloud = None  # type: Optional[shade.OpenStackCloud]
        self.operator_cloud = None  # type: Optional[shade.OperatorCloud]

        if options.purge_own_project:
            self.cloud = shade.openstack_cloud(argparse=options)
            self.user_id = self.cloud.keystone_session.get_user_id()
            self.project_id = self.cloud.keystone_session.get_project_id()
        else:
            self.operator_cloud = shade.operator_cloud(argparse=options)
            self.user_id = self.operator_cloud.keystone_session.get_user_id()

            project = self.operator_cloud.get_project(options.purge_project)
            if not project:
                raise exceptions.OSProjectNotFound(
                    "Unable to find project '{}'".format(options.purge_project)
                )
            self.project_id = project['id']

            # If project is not enabled, we must disable it after purge.
            self.disable_project_after_purge = not project.enabled

            # Reuse the information passed to get the `OperatorCloud` but
            # change the project. This way we bind/re-scope to the project
            # we want to purge, not the project we authenticated to.
            self.cloud = shade.openstack_cloud(
                **utils.replace_project_info(
                    self.operator_cloud.cloud_config.config,
                    self.project_id
                )
            )

        auth_args = self.cloud.cloud_config.get_auth_args()
        logging.warning(
            "Going to list and/or delete resources from project '%s'",
            options.purge_project or auth_args.get('project_name')
            or auth_args.get('project_id')
        )
def main():
    argument_spec = openstack_full_argument_spec(
        name=dict(required=True),
        state=dict(default='present', choices=['absent', 'present']),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec,
                           supports_check_mode=True,
                           **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    name = module.params.pop('name')
    state = module.params.pop('state')

    try:
        cloud = shade.operator_cloud(**module.params)

        role = cloud.get_role(name)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(state, role))

        if state == 'present':
            if role is None:
                role = cloud.create_role(name)
                changed = True
            else:
                changed = False
            module.exit_json(changed=changed, role=role)
        elif state == 'absent':
            if role is None:
                changed=False
            else:
                cloud.delete_role(name)
                changed=True
            module.exit_json(changed=changed)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #55
0
def main():
    argument_spec = openstack_full_argument_spec(
        user=dict(required=True),
        group=dict(required=True),
        state=dict(default='present', choices=['absent', 'present']),
    )

    module_kwargs = openstack_module_kwargs()
    module = AnsibleModule(argument_spec,
                           supports_check_mode=True,
                           **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    user = module.params['user']
    group = module.params['group']
    state = module.params['state']

    try:
        cloud = shade.operator_cloud(**module.params)

        in_group = cloud.is_user_in_group(user, group)

        if module.check_mode:
            module.exit_json(changed=_system_state_change(state, in_group))

        changed = False
        if state == 'present':
            if not in_group:
                cloud.add_user_to_group(user, group)
                changed = True

        elif state == 'absent':
            if in_group:
                cloud.remove_user_from_group(user, group)
                changed=True

        module.exit_json(changed=changed)

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e), extra_data=e.extra_data)
def main():
    module = AnsibleModule(
        argument_spec=openstack_full_argument_spec(
            password=dict(required=True, type="str"),
            project=dict(required=True, type="str"),
            role=dict(required=True, type="str"),
            user=dict(required=True, type="str"),
            service=dict(required=True, type="str"),
        )
    )

    try:
        changed = True
        cloud = shade.operator_cloud(**module.params)

        getattr(SanityChecks, module.params.pop("service"))(cloud)

        module.exit_json(changed=changed)
    except Exception as e:
        module.exit_json(failed=True, changed=True, msg=e)
Exemple #57
0
    def test_update_user_password(self):
        user_name = self.user_prefix + '_password'
        user_email = '*****@*****.**'
        user = self._create_user(name=user_name,
                                 email=user_email,
                                 password='******')
        self.assertIsNotNone(user)
        self.assertTrue(user['enabled'])

        # This should work for both v2 and v3
        new_user = self.cloud.update_user(user['id'],
                                          password='******')
        self.assertIsNotNone(new_user)
        self.assertEqual(user['id'], new_user['id'])
        self.assertEqual(user_name, new_user['name'])
        self.assertEqual(user_email, new_user['email'])
        self.assertTrue(new_user['enabled'])
        self.assertIsNotNone(operator_cloud(
            username=user_name, password='******',
            auth_url=self.cloud.auth['auth_url']).keystone_client)
def main():

    argument_spec = openstack_full_argument_spec(
        name=dict(required=False, default=None),
        filters=dict(required=False, type='dict', default=None),
    )
    module_kwargs = openstack_module_kwargs(
        mutually_exclusive=[
            ['name', 'filters'],
        ]
    )
    module = AnsibleModule(argument_spec, **module_kwargs)

    if not HAS_SHADE:
        module.fail_json(msg='shade is required for this module')

    try:
        name = module.params['name']
        filters = module.params['filters']

        opcloud = shade.operator_cloud(**module.params)

        if name:
            # Let's suppose user is passing domain ID
            try:
                domains = cloud.get_domain(name)
            except:
                domains = opcloud.search_domains(filters={'name': name})

        else:
            domains = opcloud.search_domains(filters)

        module.exit_json(changed=False, ansible_facts=dict(
            openstack_domains=domains))

    except shade.OpenStackCloudException as e:
        module.fail_json(msg=str(e))
Exemple #59
0
 def setUp(self):
     super(TestIdentity, self).setUp()
     self.cloud = operator_cloud(cloud='devstack-admin')
     self.role_prefix = 'test_role' + ''.join(
         random.choice(string.ascii_lowercase) for _ in range(5))
     self.addCleanup(self._cleanup_roles)
Exemple #60
0
 def setUp(self):
     super(TestUsers, self).setUp()
     self.cloud = shade.operator_cloud(validate=False)