def main():
module = AnsibleModule(
argument_spec=dict(
src=dict(default=None, required=True, type="path"),
dst=dict(default=None, required=True, type="path"),
),
add_file_common_args=True,
supports_check_mode=False
)
src = os.path.abspath(os.path.expanduser(module.params['src']))
dst = os.path.abspath(os.path.expanduser(module.params['dst']))
exists = os.path.lexists(dst)
changed = not (exists and os.path.islink(dst) and os.readlink(dst) == src)
if changed:
try:
if exists:
if os.path.isdir(dst):
shutil.rmtree(dst, ignore_errors=False)
else:
os.unlink(dst)
os.symlink(src, dst)
except Exception as e:
module.fail_json(msg="operation failed: {}".format(str(e)))
module.exit_json(changed=changed)
def main():
module = AnsibleModule(
argument_spec = dict(
recipe = dict(required=True, type='str'),
username = dict(required=True, type='str'),
password = dict(required=True, type='str'),
hostname = dict(default="127.0.0.1", type="str"),
port = dict(default=80, type="int")
)
)
xos_auth=(module.params['username'], module.params['password'])
url = "http://%s:%d/api/utility/tosca/run/" % (module.params['hostname'], module.params['port'])
r = requests.post(url, data={"recipe": module.params['recipe']}, auth=xos_auth)
if (r.status_code != 200):
try:
error_text=r.json()["error_text"]
except:
error_text="error while formatting the error: " + traceback.format_exc()
module.fail_json(msg=error_text, rc=r.status_code)
result = r.json()
if "log_msgs" in result:
module.exit_json(changed=True, msg="\n".join(result["log_msgs"])+"\n")
else:
module.exit_json(changed=True, msg="success")
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(dict(vmk_name=dict(required=True, type='str'),
ip_address=dict(required=True, type='str'),
subnet_mask=dict(required=True, type='str')))
module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False)
if not HAS_PYVMOMI:
module.fail_json(msg='pyvmomi is required for this module')
vmk_name = module.params['vmk_name']
ip_address = module.params['ip_address']
subnet_mask = module.params['subnet_mask']
try:
content = connect_to_api(module, False)
host = get_all_objs(content, [vim.HostSystem])
if not host:
module.fail_json(msg="Unable to locate Physical Host.")
host_system = host.keys()[0]
changed = configure_vmkernel_ip_address(host_system, vmk_name, ip_address, subnet_mask)
module.exit_json(changed=changed)
except vmodl.RuntimeFault as runtime_fault:
module.fail_json(msg=runtime_fault.msg)
except vmodl.MethodFault as method_fault:
module.fail_json(msg=method_fault.msg)
except Exception as e:
module.fail_json(msg=str(e))
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(
name=dict(type='str'),
name_match=dict(type='str', choices=['first', 'last'], default='first'),
uuid=dict(type='str'),
folder=dict(type='str', default='/vm'),
datacenter=dict(type='str', required=True),
)
module = AnsibleModule(argument_spec=argument_spec,
required_one_of=[['name', 'uuid']])
# FindByInventoryPath() does not require an absolute path
# so we should leave the input folder path unmodified
module.params['folder'] = module.params['folder'].rstrip('/')
pyv = PyVmomiHelper(module)
# Check if the VM exists before continuing
vm = pyv.getvm(name=module.params['name'],
folder=module.params['folder'],
uuid=module.params['uuid'])
# VM already exists
if vm:
try:
module.exit_json(instance=pyv.gather_facts(vm))
except Exception as exc:
module.fail_json(msg="Fact gather failed with exception %s" % to_text(exc))
else:
msg = "Unable to gather facts for non-existing VM "
if module.params['name']:
msg += "%(name)s" % module.params
elif module.params['uuid']:
msg += "%(uuid)s" % module.params
module.fail_json(msg=msg)
def main():
argument_spec = rax_argument_spec()
argument_spec.update(
dict(
name=dict(required=True),
public_key=dict(),
state=dict(default='present', choices=['absent', 'present']),
)
)
module = AnsibleModule(
argument_spec=argument_spec,
required_together=rax_required_together(),
)
if not HAS_PYRAX:
module.fail_json(msg='pyrax is required for this module')
name = module.params.get('name')
public_key = module.params.get('public_key')
state = module.params.get('state')
setup_rax_module(module, pyrax)
rax_keypair(module, name, public_key, state)
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(dict(target_id=dict(required=True, type='int')))
module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False)
if not HAS_PYVMOMI:
module.fail_json(msg='pyvmomi is required for this module')
content = connect_to_api(module)
host = find_hostsystem(content)
target_lun_uuid = {}
scsilun_canonical = {}
# Associate the scsiLun key with the canonicalName (NAA)
for scsilun in host.config.storageDevice.scsiLun:
scsilun_canonical[scsilun.key] = scsilun.canonicalName
# Associate target number with LUN uuid
for target in host.config.storageDevice.scsiTopology.adapter[0].target:
for lun in target.lun:
target_lun_uuid[target.target] = lun.scsiLun
module.exit_json(changed=False, canonical=scsilun_canonical[target_lun_uuid[module.params['target_id']]])
def main():
module = AnsibleModule(
argument_spec=dict(
state=dict(default='present', choices=['present', 'absent']),
name=dict(required=True),
repo=dict(default='https://cran.rstudio.com/')
)
)
state = module.params['state']
name = module.params['name']
changed = False
version = get_installed_version(module)
if state == 'present' and not version:
stderr = install(module)
version = get_installed_version(module)
if not version:
module.fail_json(
msg='Failed to install {name:}: {err:}'.format(
name=name, err=stderr, version=version))
changed = True
elif state == 'absent' and version:
stderr = uninstall(module)
version = get_installed_version(module)
if version:
module.fail_json(
msg='Failed to install {name:}: {err:}'.format(
name=name, err=stderr))
changed = True
module.exit_json(changed=changed, name=name, version=version)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=True, type='str'),
adjustment_type=dict(type='str', choices=['ChangeInCapacity', 'ExactCapacity', 'PercentChangeInCapacity']),
asg_name=dict(required=True, type='str'),
scaling_adjustment=dict(type='int'),
min_adjustment_step=dict(type='int'),
cooldown=dict(type='int'),
state=dict(default='present', choices=['present', 'absent']),
)
)
module = AnsibleModule(argument_spec=argument_spec)
if not HAS_BOTO:
module.fail_json(msg='boto required for this module')
region, ec2_url, aws_connect_params = get_aws_connection_info(module)
state = module.params.get('state')
try:
connection = connect_to_aws(boto.ec2.autoscale, region, **aws_connect_params)
except (boto.exception.NoAuthHandlerFound, AnsibleAWSError) as e:
module.fail_json(msg=str(e))
if state == 'present':
create_scaling_policy(connection, module)
elif state == 'absent':
delete_scaling_policy(connection, module)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
load_balancer_arn=dict(type='str'),
target_group_arns=dict(type='list'),
names=dict(type='list')
)
)
module = AnsibleModule(argument_spec=argument_spec,
mutually_exclusive=['load_balancer_arn', 'target_group_arns', 'names'],
supports_check_mode=True
)
if not HAS_BOTO3:
module.fail_json(msg='boto3 required for this module')
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
if region:
connection = boto3_conn(module, conn_type='client', resource='elbv2', region=region, endpoint=ec2_url, **aws_connect_params)
else:
module.fail_json(msg="region must be specified")
list_target_groups(connection, module)
def main():
module = AnsibleModule(
argument_spec={
"gitlab_url": {"required": True, type: "bytes"},
"gitlab_project": {"required": False, "default": None, type: "bytes"},
"gitlab_token": {"required": True, type: "bytes"},
"variables": {"required": True, "type": "dict"},
},
supports_check_mode=True
)
if not HAS_GITLABBUILDVARIABLES:
module.fail_json(msg="gitlabbuildvariables is required for this module")
gitlab_config = GitLabConfig(module.params["gitlab_url"], module.params["gitlab_token"])
gitlab_project = module.params["gitlab_project"]
project_updater_builder = DictBasedProjectVariablesUpdaterBuilder({"variables": module.params["variables"]})
updater = project_updater_builder.build(project=gitlab_project, groups=["variables"],
gitlab_config=gitlab_config)
update_required = updater.update_required()
if module.check_mode:
module.exit_json(changed=update_required)
else:
if not update_required:
module.exit_json(changed=False, message="Gitlab build variables already set")
else:
updater.update()
module.exit_json(changed=True, message="Gitlab build variables updated successfully")
def main():
"""main entry point for module execution
"""
argument_spec = dict(
commands=dict(type='list', required=True),
wait_for=dict(type='list', aliases=['waitfor']),
match=dict(default='all', choices=['all', 'any']),
retries=dict(default=10, type='int'),
interval=dict(default=1, type='int')
)
argument_spec.update(ios_argument_spec)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
result = {'changed': False}
warnings = list()
check_args(module, warnings)
commands = parse_commands(module, warnings)
result['warnings'] = warnings
wait_for = module.params['wait_for'] or list()
conditionals = [Conditional(c) for c in wait_for]
retries = module.params['retries']
interval = module.params['interval']
match = module.params['match']
while retries > 0:
responses = run_commands(module, commands)
for item in list(conditionals):
if item(responses):
if match == 'any':
conditionals = list()
break
conditionals.remove(item)
if not conditionals:
break
time.sleep(interval)
retries -= 1
if conditionals:
failed_conditions = [item.raw for item in conditionals]
msg = 'One or more conditional statements have not been satisfied'
module.fail_json(msg=msg, failed_conditions=failed_conditions)
result.update({
'changed': False,
'stdout': responses,
'stdout_lines': list(to_lines(responses))
})
module.exit_json(**result)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(type='str'),
count=dict(default=1, type='int'),
state=dict(choices=['present', 'absent']),
),
)
try:
d = Dummy()
execute_output = d.execute(module)
json_output = {}
host = execute_output.get('host')
changed = execute_output.get('changed')
if host or changed is not None:
json_output['changed'] = True
json_output.update(execute_output)
else:
json_output['changed'] = False
module.exit_json(**json_output)
except Exception as e:
module.fail_json(msg=str(e))
def main():
argument_spec = rax_argument_spec()
argument_spec.update(
dict(
state=dict(default='present', choices=['present', 'absent']),
label=dict(required=True),
notification_type=dict(required=True, choices=['webhook', 'email', 'pagerduty']),
details=dict(required=True, type='dict')
)
)
module = AnsibleModule(
argument_spec=argument_spec,
required_together=rax_required_together()
)
if not HAS_PYRAX:
module.fail_json(msg='pyrax is required for this module')
state = module.params.get('state')
label = module.params.get('label')
notification_type = module.params.get('notification_type')
details = module.params.get('details')
setup_rax_module(module, pyrax)
notification(module, state, label, notification_type, details)
def main():
module = AnsibleModule(
argument_spec=dict(
state=dict(required=True, choices=['present', 'absent']),
name=dict(required=False),
apikey=dict(required=True),
apiid=dict(required=True),
validate_certs = dict(default='yes', type='bool'),
)
)
state = module.params['state']
name= module.params['name']
apikey = module.params['api_key']
apiid = module.params['api_id']
if state == "present":
(rc, result) = create_meter(module, name, apiid, apikey)
if state == "absent":
(rc, result) = delete_meter(module, name, apiid, apikey)
if rc != 0:
module.fail_json(msg=result)
module.exit_json(status=result,changed=True)
def main():
Module = AnsibleModule(
argument_spec=dict(
env_id=dict(required=False, type='str'),
name=dict(required=True, type='str'),
release=dict(required=False, type='str')
)
)
env_id = Module.params['env_id']
release = Module.params['release']
repo_name = Module.params['name']
try:
if not env_id and not release:
raise BaseException("Either env_id or release must be given")
if env_id and repo_name:
remove_from_env(env_id, repo_name)
if release and repo_name:
remove_from_release(release, repo_name)
except Exception as e:
Module.fail_json(msg="Exception occurred {}".format(e))
Module.exit_json(changed=True, result=0)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
vpc_id=dict(),
name=dict(),
nacl_id=dict(),
subnets=dict(required=False, type='list', default=list()),
tags=dict(required=False, type='dict'),
ingress=dict(required=False, type='list', default=list()),
egress=dict(required=False, type='list', default=list()),
state=dict(default='present', choices=['present', 'absent']),
),
)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True,
required_one_of=[['name', 'nacl_id']],
required_if=[['state', 'present', ['vpc_id']]])
if not HAS_BOTO3:
module.fail_json(msg='json, botocore and boto3 are required.')
state = module.params.get('state').lower()
try:
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
client = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs)
except botocore.exceptions.NoCredentialsError as e:
module.fail_json(msg="Can't authorize connection - %s" % str(e))
invocations = {
"present": setup_network_acl,
"absent": remove_network_acl
}
(changed, results) = invocations[state](client, module)
module.exit_json(changed=changed, nacl_id=results)
def main():
argument_spec = ovirt_full_argument_spec(
authz_name=dict(required=True, aliases=['domain']),
user_name=dict(rdefault=None),
group_name=dict(default=None),
namespace=dict(default=None),
)
module = AnsibleModule(argument_spec)
check_sdk(module)
try:
connection = create_connection(module.params.pop('auth'))
permissions_service = _permissions_service(connection, module)
permissions = []
for p in permissions_service.list():
newperm = dict()
for key, value in p.__dict__.items():
if value and isinstance(value, sdk.Struct):
newperm[key[1:]] = get_link_name(connection, value)
permissions.append(newperm)
module.exit_json(
changed=False,
ansible_facts=dict(ovirt_permissions=permissions),
)
except Exception as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
finally:
connection.close(logout=False)
def main():
module = AnsibleModule(
argument_spec=dict(
state=dict(type='str', default='file', choices=['file', 'directory']),
path=dict(type='path'),
prefix=dict(type='str', default='ansible.'),
suffix=dict(type='str', default=''),
),
)
try:
if module.params['state'] == 'file':
handle, path = mkstemp(
prefix=module.params['prefix'],
suffix=module.params['suffix'],
dir=module.params['path'],
)
close(handle)
elif module.params['state'] == 'directory':
path = mkdtemp(
prefix=module.params['prefix'],
suffix=module.params['suffix'],
dir=module.params['path'],
)
module.exit_json(changed=True, path=path)
except Exception as e:
module.fail_json(msg=to_native(e), exception=format_exc())
def main():
''' ansible oc module for secrets '''
module = AnsibleModule(
argument_spec=dict(
state=dict(default='present', type='str',
choices=['present', 'absent', 'list']),
debug=dict(default=False, type='bool'),
src=dict(default=None, type='str'),
content=dict(default=None),
content_type=dict(default='dict', choices=['dict']),
key=dict(default='', type='str'),
value=dict(),
value_type=dict(default='', type='str'),
update=dict(default=False, type='bool'),
append=dict(default=False, type='bool'),
index=dict(default=None, type='int'),
curr_value=dict(default=None, type='str'),
curr_value_format=dict(default='yaml',
choices=['yaml', 'json', 'str'],
type='str'),
backup=dict(default=True, type='bool'),
separator=dict(default='.', type='str'),
),
mutually_exclusive=[["curr_value", "index"], ['update', "append"]],
required_one_of=[["content", "src"]],
)
rval = Yedit.run_ansible(module)
if 'failed' in rval and rval['failed']:
module.fail_json(**rval)
module.exit_json(**rval)
def main():
module = AnsibleModule(
argument_spec=dict(
description=dict(type='str', required=False),
external=dict(type='bool', required=False),
gidnumber=dict(type='str', required=False, aliases=['gid']),
cn=dict(type='str', required=True, aliases=['name']),
nonposix=dict(type='str', required=False),
state=dict(type='str', required=False, default='present', choices=['present', 'absent']),
ipa_prot=dict(type='str', required=False, default='https', choices=['http', 'https']),
ipa_host=dict(type='str', required=False, default='ipa.example.com'),
ipa_port=dict(type='int', required=False, default=443),
ipa_user=dict(type='str', required=False, default='admin'),
ipa_pass=dict(type='str', required=True, no_log=True),
),
supports_check_mode=True,
)
client = IPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
username=module.params['ipa_user'],
password=module.params['ipa_pass'],
protocol=module.params['ipa_prot'])
try:
client.login()
changed, group = ensure(module, client)
module.exit_json(changed=changed, group=group)
except Exception as e:
module.fail_json(msg=e.message)
def main():
''' ansible oc module for secrets '''
module = AnsibleModule(
argument_spec=dict(
query=dict(default='offer', choices=['offer', 'operation']),
publisher=dict(default='redhat', type='str'),
debug=dict(default=False, type='bool'),
tenant_id=dict(default=os.environ.get('AZURE_TENANT_ID'), type='str'),
client_id=dict(default=os.environ.get('AZURE_CLIENT_ID'), type='str'),
client_secret=dict(default=os.environ.get('AZURE_CLIENT_SECRET'), type='str'),
offer=dict(default=None, type='str'),
operation=dict(default=None, type='str'),
status=dict(default=None, type='str'),
),
)
# Verify we recieved either a valid key or edits with valid keys when receiving a src file.
# A valid key being not None or not ''.
if (module.params['tenant_id'] is None or module.params['client_id'] is None or
module.params['client_secret'] is None):
return module.fail_json(**{'failed': True,
'msg': 'Please specify tenant_id, client_id, and client_secret'})
rval = AzurePublisher.run_ansible(module.params)
if int(rval['status_code']) == 404:
rval['msg'] = 'Offer does not exist.'
elif int(rval['status_code']) >= 300:
rval['msg'] = 'Error.'
return module.fail_json(**rval)
return module.exit_json(**rval)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(state=dict(default='present', choices=['present', 'absent']),
name=dict(),
amazon_asn=dict(),
virtual_gateway_id=dict(),
direct_connect_gateway_id=dict(),
wait_timeout=dict(type='int', default=320)))
required_if = [('state', 'present', ['name', 'amazon_asn']),
('state', 'absent', ['direct_connect_gateway_id'])]
module = AnsibleModule(argument_spec=argument_spec,
required_if=required_if)
if not HAS_BOTO3:
module.fail_json(msg='boto3 is required for this module')
state = module.params.get('state')
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
client = boto3_conn(module, conn_type='client', resource='directconnect', region=region, endpoint=ec2_url, **aws_connect_kwargs)
if state == 'present':
(changed, results) = ensure_present(client, module)
elif state == 'absent':
changed = ensure_absent(client, module)
results = {}
module.exit_json(changed=changed, **camel_dict_to_snake_dict(results))
def main():
argument_spec = ovirt_full_argument_spec(
pattern=dict(default='', required=False),
)
module = AnsibleModule(argument_spec)
check_sdk(module)
try:
connection = create_connection(module.params.pop('auth'))
vms_service = connection.system_service().vms_service()
vms = vms_service.list(search=module.params['pattern'])
module.exit_json(
changed=False,
ansible_facts=dict(
ovirt_vms=[
get_dict_of_struct(
struct=c,
connection=connection,
fetch_nested=1,
attributes=['name', 'description'],
) for c in vms
],
),
)
except Exception as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
finally:
connection.close(logout=False)
def _main():
"""
Entrypoint.
"""
module = AnsibleModule(
argument_spec={
'name': {'required': True, 'type': 'str'},
'version': {'default': None, 'required': False, 'type': 'str'},
'state': {
'default': 'present',
'required': False,
'choices': ['present', 'absent', 'latest']
},
'channels': {'default': None, 'required': False},
'executable': {'default': None, 'required': False},
'extra_args': {'default': None, 'required': False, 'type': 'str'}
},
supports_check_mode=True)
conda = find_conda(module.params['executable'])
name = module.params['name']
state = module.params['state']
version = module.params['version']
if state == 'latest' and version is not None:
module.fail_json(msg='`version` must not be set if `state == "latest"` (`latest` upgrades to newest version)')
def command_runner(command):
return _run_conda_command(module, command)
run_package_operation(
conda, name, version, state, module.check_mode, command_runner, module.fail_json, module.exit_json)
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(
name=dict(type='str'),
uuid=dict(type='str'),
folder=dict(type='str'),
datacenter=dict(required=True, type='str'),
)
module = AnsibleModule(argument_spec=argument_spec,
required_together=[['name', 'folder']],
required_one_of=[['name', 'uuid']],
)
if module.params['folder']:
# FindByInventoryPath() does not require an absolute path
# so we should leave the input folder path unmodified
module.params['folder'] = module.params['folder'].rstrip('/')
pyv = PyVmomiHelper(module)
# Check if the VM exists before continuing
vm = pyv.get_vm()
if not vm:
# If UUID is set, getvm select UUID, show error message accordingly.
module.fail_json(msg="Unable to gather facts about snapshots for"
" non-existing VM ['%s']" % (module.params.get('uuid') or
module.params.get('name')))
results = dict(changed=False, guest_snapshots=pyv.gather_guest_snapshot_facts(vm_obj=vm))
module.exit_json(**results)
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(dict(datacenter=dict(required=True, type='str'),
cluster=dict(required=True, type='str'),
resource_pool=dict(required=True, type='str'),
mem_shares=dict(type='str', default="normal", choices=[
'high', 'custom', 'normal', 'low']),
mem_limit=dict(type='int', default=-1),
mem_reservation=dict(type='int', default=0),
mem_expandable_reservations=dict(
type='bool', default="True"),
cpu_shares=dict(type='str', default="normal", choices=[
'high', 'custom', 'normal', 'low']),
cpu_limit=dict(type='int', default=-1),
cpu_reservation=dict(type='int', default=0),
cpu_expandable_reservations=dict(
type='bool', default="True"),
state=dict(default='present', choices=['present', 'absent'], type='str')))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
if not HAS_PYVMOMI:
module.fail_json(msg='pyvmomi is required for this module')
vmware_rp = VMwareResourcePool(module)
vmware_rp.process_state()
def main():
argument_spec = ovirt_facts_full_argument_spec(
pattern=dict(default='', required=False),
)
module = AnsibleModule(argument_spec)
check_sdk(module)
try:
auth = module.params.pop('auth')
connection = create_connection(auth)
users_service = connection.system_service().users_service()
users = users_service.list(search=module.params['pattern'])
module.exit_json(
changed=False,
ansible_facts=dict(
ovirt_users=[
get_dict_of_struct(
struct=c,
connection=connection,
fetch_nested=module.params.get('fetch_nested'),
attributes=module.params.get('nested_attributes'),
) for c in users
],
),
)
except Exception as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
finally:
connection.close(logout=auth.get('token') is None)
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(
name=dict(type='str'),
datacenter=dict(type='str'),
cluster=dict(type='str')
)
module = AnsibleModule(argument_spec=argument_spec,
required_one_of=[
['cluster', 'datacenter'],
],
)
result = dict(changed=False)
pyv = PyVmomiHelper(module)
if module.params['cluster']:
dxs = pyv.lookup_datastore_by_cluster()
else:
dxs = pyv.lookup_datastore()
datastores = list()
for ds in dxs:
summary = ds.summary
dds = dict()
dds['accessible'] = summary.accessible
dds['capacity'] = summary.capacity
dds['name'] = summary.name
dds['freeSpace'] = summary.freeSpace
dds['maintenanceMode'] = summary.maintenanceMode
dds['multipleHostAccess'] = summary.multipleHostAccess
dds['type'] = summary.type
# vcsim does not return uncommitted
if not summary.uncommitted:
summary.uncommitted = 0
dds['uncommitted'] = summary.uncommitted
dds['url'] = summary.url
# Calculated values
dds['provisioned'] = summary.capacity - summary.freeSpace + summary.uncommitted
dds['datastore_cluster'] = 'N/A'
if isinstance(ds.parent, vim.StoragePod):
dds['datastore_cluster'] = ds.parent.name
if module.params['name']:
if dds['name'] == module.params['name']:
datastores.extend([dds])
else:
datastores.extend([dds])
result['datastores'] = datastores
# found a datastore
if datastores:
module.exit_json(**result)
else:
msg = "Unable to gather datastore facts"
if module.params['name']:
msg += " for %(name)s" % module.params
msg += " in datacenter %(datacenter)s" % module.params
module.fail_json(msg=msg)
def main():
module = AnsibleModule(
argument_spec=dict(
nsc_host=dict(type='str', required=True),
nsc_protocol=dict(type='str', default='https'),
user=dict(type='str', required=True),
password=dict(type='str', required=True, no_log=True),
action=dict(type='str', default='enable', choices=['disable', 'enable']),
name=dict(type='str', default=socket.gethostname()),
type=dict(type='str', default='server', choices=['server', 'service']),
validate_certs=dict(type='bool', default=True),
),
)
rc = 0
try:
rc, result = core(module)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
if rc != 0:
module.fail_json(rc=rc, msg=result)
else:
result['changed'] = True
module.exit_json(**result)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=True, type='str'),
managed_policy=dict(default=[], type='list'),
state=dict(choices=['present', 'absent'], required=True),
purge_policy=dict(default=False, type='bool')
)
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True
)
if not HAS_BOTO3:
module.fail_json(msg='boto3 required for this module')
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_params)
state = module.params.get("state")
if state == 'present':
create_or_update_user(connection, module)
else:
destroy_user(connection, module)
def main():
argument_spec = ansible.module_utils.ec2.ec2_argument_spec()
argument_spec.update(
dict(
stack_name=dict(required=True),
template_parameters=dict(required=False, type='dict', default={}),
state=dict(default='present', choices=['present', 'absent']),
template=dict(default=None, required=False, type='path'),
notification_arns=dict(default=None, required=False),
stack_policy=dict(default=None, required=False),
disable_rollback=dict(default=False, type='bool'),
create_timeout=dict(default=None, type='int'),
template_url=dict(default=None, required=False),
template_body=dict(default=None, require=False),
template_format=dict(default=None,
choices=['json', 'yaml'],
required=False),
create_changeset=dict(default=False, type='bool'),
changeset_name=dict(default=None, required=False),
role_arn=dict(default=None, required=False),
tags=dict(default=None, type='dict'),
termination_protection=dict(default=None, type='bool'),
events_limit=dict(default=200, type='int'),
))
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[['template_url', 'template', 'template_body']],
supports_check_mode=True)
if not HAS_BOTO3:
module.fail_json(msg='boto3 and botocore are required for this module')
# collect the parameters that are passed to boto3. Keeps us from having so many scalars floating around.
stack_params = {
'Capabilities': ['CAPABILITY_IAM', 'CAPABILITY_NAMED_IAM'],
'ClientRequestToken': to_native(uuid.uuid4()),
}
state = module.params['state']
stack_params['StackName'] = module.params['stack_name']
if module.params['template'] is not None:
stack_params['TemplateBody'] = open(module.params['template'],
'r').read()
elif module.params['template_body'] is not None:
stack_params['TemplateBody'] = module.params['template_body']
elif module.params['template_url'] is not None:
stack_params['TemplateURL'] = module.params['template_url']
if module.params.get('notification_arns'):
stack_params['NotificationARNs'] = module.params[
'notification_arns'].split(',')
else:
stack_params['NotificationARNs'] = []
# can't check the policy when verifying.
if module.params[
'stack_policy'] is not None and not module.check_mode and not module.params[
'create_changeset']:
stack_params['StackPolicyBody'] = open(module.params['stack_policy'],
'r').read()
template_parameters = module.params['template_parameters']
stack_params['Parameters'] = []
for k, v in template_parameters.items():
if isinstance(v, dict):
# set parameter based on a dict to allow additional CFN Parameter Attributes
param = dict(ParameterKey=k)
if 'value' in v:
param['ParameterValue'] = str(v['value'])
if 'use_previous_value' in v and bool(v['use_previous_value']):
param['UsePreviousValue'] = True
param.pop('ParameterValue', None)
stack_params['Parameters'].append(param)
else:
# allow default k/v configuration to set a template parameter
stack_params['Parameters'].append({
'ParameterKey': k,
'ParameterValue': str(v)
})
if isinstance(module.params.get('tags'), dict):
stack_params[
'Tags'] = ansible.module_utils.ec2.ansible_dict_to_boto3_tag_list(
module.params['tags'])
if module.params.get('role_arn'):
stack_params['RoleARN'] = module.params['role_arn']
result = {}
try:
region, ec2_url, aws_connect_kwargs = ansible.module_utils.ec2.get_aws_connection_info(
module, boto3=True)
cfn = ansible.module_utils.ec2.boto3_conn(module,
conn_type='client',
resource='cloudformation',
region=region,
endpoint=ec2_url,
**aws_connect_kwargs)
except botocore.exceptions.NoCredentialsError as e:
module.fail_json(msg=boto_exception(e))
# Wrap the cloudformation client methods that this module uses with
# automatic backoff / retry for throttling error codes
backoff_wrapper = AWSRetry.jittered_backoff(retries=10,
delay=3,
max_delay=30)
cfn.describe_stack_events = backoff_wrapper(cfn.describe_stack_events)
cfn.create_stack = backoff_wrapper(cfn.create_stack)
cfn.list_change_sets = backoff_wrapper(cfn.list_change_sets)
cfn.create_change_set = backoff_wrapper(cfn.create_change_set)
cfn.update_stack = backoff_wrapper(cfn.update_stack)
cfn.describe_stacks = backoff_wrapper(cfn.describe_stacks)
cfn.list_stack_resources = backoff_wrapper(cfn.list_stack_resources)
cfn.delete_stack = backoff_wrapper(cfn.delete_stack)
if boto_supports_termination_protection(cfn):
cfn.update_termination_protection = backoff_wrapper(
cfn.update_termination_protection)
stack_info = get_stack_facts(cfn, stack_params['StackName'])
if module.check_mode:
if state == 'absent' and stack_info:
module.exit_json(changed=True,
msg='Stack would be deleted',
meta=[])
elif state == 'absent' and not stack_info:
module.exit_json(changed=False,
msg='Stack doesn\'t exist',
meta=[])
elif state == 'present' and not stack_info:
module.exit_json(changed=True,
msg='New stack would be created',
meta=[])
else:
module.exit_json(**check_mode_changeset(module, stack_params, cfn))
if state == 'present':
if not stack_info:
result = create_stack(module, stack_params, cfn,
module.params.get('events_limit'))
elif module.params.get('create_changeset'):
result = create_changeset(module, stack_params, cfn,
module.params.get('events_limit'))
else:
if module.params.get('termination_protection') is not None:
update_termination_protection(
module, cfn, stack_params['StackName'],
bool(module.params.get('termination_protection')))
result = update_stack(module, stack_params, cfn,
module.params.get('events_limit'))
# format the stack output
stack = get_stack_facts(cfn, stack_params['StackName'])
if result.get('stack_outputs') is None:
# always define stack_outputs, but it may be empty
result['stack_outputs'] = {}
for output in stack.get('Outputs', []):
result['stack_outputs'][
output['OutputKey']] = output['OutputValue']
stack_resources = []
reslist = cfn.list_stack_resources(StackName=stack_params['StackName'])
for res in reslist.get('StackResourceSummaries', []):
stack_resources.append({
"logical_resource_id":
res['LogicalResourceId'],
"physical_resource_id":
res.get('PhysicalResourceId', ''),
"resource_type":
res['ResourceType'],
"last_updated_time":
res['LastUpdatedTimestamp'],
"status":
res['ResourceStatus'],
"status_reason":
res.get('ResourceStatusReason') # can be blank, apparently
})
result['stack_resources'] = stack_resources
elif state == 'absent':
# absent state is different because of the way delete_stack works.
# problem is it it doesn't give an error if stack isn't found
# so must describe the stack first
try:
stack = get_stack_facts(cfn, stack_params['StackName'])
if not stack:
result = {'changed': False, 'output': 'Stack not found.'}
else:
if stack_params.get('RoleARN') is None:
cfn.delete_stack(StackName=stack_params['StackName'])
else:
cfn.delete_stack(StackName=stack_params['StackName'],
RoleARN=stack_params['RoleARN'])
result = stack_operation(
cfn, stack_params['StackName'], 'DELETE',
module.params.get('events_limit'),
stack_params.get('ClientRequestToken', None))
except Exception as err:
module.fail_json(msg=boto_exception(err),
exception=traceback.format_exc())
if module.params['template_format'] is not None:
result['warnings'] = [
('Argument `template_format` is deprecated '
'since Ansible 2.3, JSON and YAML templates are now passed '
'directly to the CloudFormation API.')
]
module.exit_json(**result)
def main():
argument_spec = dict(group=dict(required=True, type='str'),
interface=dict(required=True),
version=dict(choices=['1', '2'],
default='2',
required=False),
priority=dict(type='str', required=False),
preempt=dict(type='str',
choices=['disabled', 'enabled'],
required=False),
vip=dict(type='str', required=False),
auth_type=dict(choices=['text', 'md5'],
required=False),
auth_string=dict(type='str', required=False),
state=dict(choices=['absent', 'present'],
required=False,
default='present'),
include_defaults=dict(default=True),
config=dict(),
save=dict(type='bool', default=False))
argument_spec.update(nxos_argument_spec)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
warnings = list()
check_args(module, warnings)
interface = module.params['interface'].lower()
group = module.params['group']
version = module.params['version']
state = module.params['state']
priority = module.params['priority']
preempt = module.params['preempt']
vip = module.params['vip']
auth_type = module.params['auth_type']
auth_string = module.params['auth_string']
transport = module.params['transport']
if state == 'present' and not vip:
module.fail_json(msg='the "vip" param is required when state=present')
for param in ['group', 'priority']:
if module.params[param] is not None:
validate_params(param, module)
intf_type = get_interface_type(interface)
if (intf_type != 'ethernet' and transport == 'cli'):
if is_default(interface, module) == 'DNE':
module.fail_json(msg='That interface does not exist yet. Create '
'it first.',
interface=interface)
if intf_type == 'loopback':
module.fail_json(msg="Loopback interfaces don't support HSRP.",
interface=interface)
mode = get_interface_mode(interface, intf_type, module)
if mode == 'layer2':
module.fail_json(msg='That interface is a layer2 port.\nMake it '
'a layer 3 port first.',
interface=interface)
if auth_type or auth_string:
if not (auth_type and auth_string):
module.fail_json(msg='When using auth parameters, you need BOTH '
'auth_type AND auth_string.')
args = dict(group=group,
version=version,
priority=priority,
preempt=preempt,
vip=vip,
auth_type=auth_type,
auth_string=auth_string)
proposed = dict((k, v) for k, v in args.items() if v is not None)
existing = get_hsrp_group(group, interface, module)
# This will enforce better practice with md5 and hsrp version.
if proposed.get('auth_type', None) == 'md5':
if proposed['version'] == '1':
module.fail_json(msg="It's recommended to use HSRP v2 "
"when auth_type=md5")
elif not proposed.get('auth_type', None) and existing:
if (proposed['version'] == '1' and existing['auth_type'] == 'md5'):
module.fail_json(msg="Existing auth_type is md5. It's recommended "
"to use HSRP v2 when using md5")
changed = False
end_state = existing
commands = []
if state == 'present':
delta = dict(set(proposed.items()).difference(existing.items()))
if delta:
command = get_commands_config_hsrp(delta, interface, args)
commands.extend(command)
elif state == 'absent':
if existing:
command = get_commands_remove_hsrp(group, interface)
commands.extend(command)
if commands:
if module.check_mode:
module.exit_json(changed=True, commands=commands)
else:
load_config(module, commands)
if transport == 'cli':
validate_config(body, vip, module)
changed = True
end_state = get_hsrp_group(group, interface, module)
if 'configure' in commands:
commands.pop(0)
results = {}
results['proposed'] = proposed
results['existing'] = existing
results['end_state'] = end_state
results['updates'] = commands
results['changed'] = changed
results['warnings'] = warnings
module.exit_json(**results)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"vpn_ipsec_manualkey_interface": {
"required": False, "type": "dict", "default": None,
"options": {
"addr_type": {"required": False, "type": "str",
"choices": ["4", "6"]},
"auth_alg": {"required": False, "type": "str",
"choices": ["null", "md5", "sha1",
"sha256", "sha384", "sha512"]},
"auth_key": {"required": False, "type": "str"},
"enc_alg": {"required": False, "type": "str",
"choices": ["null", "des"]},
"enc_key": {"required": False, "type": "str"},
"interface": {"required": False, "type": "str"},
"ip_version": {"required": False, "type": "str",
"choices": ["4", "6"]},
"local_gw": {"required": False, "type": "str"},
"local_gw6": {"required": False, "type": "str"},
"local_spi": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"remote_gw": {"required": False, "type": "str"},
"remote_gw6": {"required": False, "type": "str"},
"remote_spi": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ipsec(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ipsec(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
argument_spec = dict(
local_file=dict(type='str'),
remote_file=dict(type='str'),
file_system=dict(required=False, default='bootflash:'),
connect_ssh_port=dict(required=False, type='int', default=22),
file_pull=dict(type='bool', default=False),
file_pull_timeout=dict(type='int', default=300),
local_file_directory=dict(required=False, type='str'),
remote_scp_server=dict(type='str'),
remote_scp_server_user=dict(type='str'),
remote_scp_server_password=dict(no_log=True),
)
argument_spec.update(nxos_argument_spec)
required_if = [("file_pull", True, ["remote_file", "remote_scp_server"]),
("file_pull", False, ["local_file"])]
required_together = [['remote_scp_server',
'remote_scp_server_user',
'remote_scp_server_password']]
module = AnsibleModule(argument_spec=argument_spec,
required_if=required_if,
required_together=required_together,
supports_check_mode=True)
file_pull = module.params['file_pull']
if file_pull:
if not HAS_PEXPECT:
module.fail_json(
msg='library pexpect is required when file_pull is True but does not appear to be '
'installed. It can be installed using `pip install pexpect`'
)
else:
if not HAS_PARAMIKO:
module.fail_json(
msg='library paramiko is required when file_pull is False but does not appear to be '
'installed. It can be installed using `pip install paramiko`'
)
if not HAS_SCP:
module.fail_json(
msg='library scp is required when file_pull is False but does not appear to be '
'installed. It can be installed using `pip install scp`'
)
warnings = list()
check_args(module, warnings)
results = dict(changed=False, warnings=warnings)
local_file = module.params['local_file']
remote_file = module.params['remote_file']
file_system = module.params['file_system']
local_file_directory = module.params['local_file_directory']
results['transfer_status'] = 'No Transfer'
results['file_system'] = file_system
if file_pull:
src = remote_file.split('/')[-1]
local = local_file or src
if not module.check_mode:
copy_file_from_remote(module, local, local_file_directory, file_system=file_system)
results['transfer_status'] = 'Received'
results['changed'] = True
results['remote_file'] = src
results['local_file'] = local
else:
if not local_file_exists(module):
module.fail_json(msg="Local file {0} not found".format(local_file))
dest = remote_file or os.path.basename(local_file)
remote_exists = remote_file_exists(module, dest, file_system=file_system)
if not remote_exists:
results['changed'] = True
file_exists = False
else:
file_exists = True
if not module.check_mode and not file_exists:
transfer_file_to_device(module, dest)
results['transfer_status'] = 'Sent'
results['local_file'] = local_file
if remote_file is None:
remote_file = os.path.basename(local_file)
results['remote_file'] = remote_file
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(type='str', required=True, aliases=['pkg']),
question=dict(type='str', aliases=['selection', 'setting']),
vtype=dict(type='str',
choices=[
'boolean', 'error', 'multiselect', 'note',
'password', 'seen', 'select', 'string', 'text',
'title'
]),
value=dict(type='str', aliases=['answer']),
unseen=dict(type='bool'),
),
required_together=(['question', 'vtype', 'value'], ),
supports_check_mode=True,
)
# TODO: enable passing array of options and/or debconf file from get-selections dump
pkg = module.params["name"]
question = module.params["question"]
vtype = module.params["vtype"]
value = module.params["value"]
unseen = module.params["unseen"]
prev = get_selections(module, pkg)
changed = False
msg = ""
if question is not None:
if vtype is None or value is None:
module.fail_json(
msg=
"when supplying a question you must supply a valid vtype and value"
)
if question not in prev or prev[question] != value:
changed = True
if changed:
if not module.check_mode:
rc, msg, e = set_selection(module, pkg, question, vtype, value,
unseen)
if rc:
module.fail_json(msg=e)
curr = {question: value}
if question in prev:
prev = {question: prev[question]}
else:
prev[question] = ''
if module._diff:
after = prev.copy()
after.update(curr)
diff_dict = {'before': prev, 'after': after}
else:
diff_dict = {}
module.exit_json(changed=changed,
msg=msg,
current=curr,
previous=prev,
diff=diff_dict)
module.exit_json(changed=changed, msg=msg, current=prev)
class AnsibleDockerClient(Client):
def __init__(self,
argument_spec=None,
supports_check_mode=False,
mutually_exclusive=None,
required_together=None,
required_if=None):
merged_arg_spec = dict()
merged_arg_spec.update(DOCKER_COMMON_ARGS)
if argument_spec:
merged_arg_spec.update(argument_spec)
self.arg_spec = merged_arg_spec
mutually_exclusive_params = []
mutually_exclusive_params += DOCKER_MUTUALLY_EXCLUSIVE
if mutually_exclusive:
mutually_exclusive_params += mutually_exclusive
required_together_params = []
required_together_params += DOCKER_REQUIRED_TOGETHER
if required_together:
required_together_params += required_together
self.module = AnsibleModule(
argument_spec=merged_arg_spec,
supports_check_mode=supports_check_mode,
mutually_exclusive=mutually_exclusive_params,
required_together=required_together_params,
required_if=required_if)
if not HAS_DOCKER_PY:
self.fail(
"Failed to import docker-py - %s. Try `pip install docker-py`"
% HAS_DOCKER_ERROR)
if LooseVersion(docker_version) < LooseVersion(MIN_DOCKER_VERSION):
self.fail(
"Error: docker-py version is %s. Minimum version required is %s."
% (docker_version, MIN_DOCKER_VERSION))
self.debug = self.module.params.get('debug')
self.check_mode = self.module.check_mode
self._connect_params = self._get_connect_params()
try:
super(AnsibleDockerClient, self).__init__(**self._connect_params)
except APIError as exc:
self.fail("Docker API error: %s" % exc)
except Exception as exc:
self.fail("Error connecting: %s" % exc)
def log(self, msg, pretty_print=False):
pass
# if self.debug:
# log_file = open('docker.log', 'a')
# if pretty_print:
# log_file.write(json.dumps(msg, sort_keys=True, indent=4, separators=(',', ': ')))
# log_file.write(u'\n')
# else:
# log_file.write(msg + u'\n')
def fail(self, msg):
self.module.fail_json(msg=msg)
@staticmethod
def _get_value(param_name, param_value, env_variable, default_value):
if param_value is not None:
# take module parameter value
if param_value in BOOLEANS_TRUE:
return True
if param_value in BOOLEANS_FALSE:
return False
return param_value
if env_variable is not None:
env_value = os.environ.get(env_variable)
if env_value is not None:
# take the env variable value
if param_name == 'cert_path':
return os.path.join(env_value, 'cert.pem')
if param_name == 'cacert_path':
return os.path.join(env_value, 'ca.pem')
if param_name == 'key_path':
return os.path.join(env_value, 'key.pem')
if env_value in BOOLEANS_TRUE:
return True
if env_value in BOOLEANS_FALSE:
return False
return env_value
# take the default
return default_value
@property
def auth_params(self):
# Get authentication credentials.
# Precedence: module parameters-> environment variables-> defaults.
self.log('Getting credentials')
params = dict()
for key in DOCKER_COMMON_ARGS:
params[key] = self.module.params.get(key)
if self.module.params.get('use_tls'):
# support use_tls option in docker_image.py. This will be deprecated.
use_tls = self.module.params.get('use_tls')
if use_tls == 'encrypt':
params['tls'] = True
if use_tls == 'verify':
params['tls_verify'] = True
result = dict(
docker_host=self._get_value('docker_host', params['docker_host'],
'DOCKER_HOST', DEFAULT_DOCKER_HOST),
tls_hostname=self._get_value('tls_hostname',
params['tls_hostname'],
'DOCKER_TLS_HOSTNAME', 'localhost'),
api_version=self._get_value('api_version', params['api_version'],
'DOCKER_API_VERSION', 'auto'),
cacert_path=self._get_value('cacert_path', params['cacert_path'],
'DOCKER_CERT_PATH', None),
cert_path=self._get_value('cert_path', params['cert_path'],
'DOCKER_CERT_PATH', None),
key_path=self._get_value('key_path', params['key_path'],
'DOCKER_CERT_PATH', None),
ssl_version=self._get_value('ssl_version', params['ssl_version'],
'DOCKER_SSL_VERSION', None),
tls=self._get_value('tls', params['tls'], 'DOCKER_TLS',
DEFAULT_TLS),
tls_verify=self._get_value('tls_verfy', params['tls_verify'],
'DOCKER_TLS_VERIFY',
DEFAULT_TLS_VERIFY),
timeout=self._get_value('timeout', params['timeout'],
'DOCKER_TIMEOUT', DEFAULT_TIMEOUT_SECONDS),
)
if result['tls_hostname'] is None:
# get default machine name from the url
parsed_url = urlparse(result['docker_host'])
if ':' in parsed_url.netloc:
result['tls_hostname'] = parsed_url.netloc[:parsed_url.netloc.
rindex(':')]
else:
result['tls_hostname'] = parsed_url
return result
def _get_tls_config(self, **kwargs):
self.log("get_tls_config:")
for key in kwargs:
self.log(" %s: %s" % (key, kwargs[key]))
try:
tls_config = TLSConfig(**kwargs)
return tls_config
except TLSParameterError as exc:
self.fail("TLS config error: %s" % exc)
def _get_connect_params(self):
auth = self.auth_params
self.log("connection params:")
for key in auth:
self.log(" %s: %s" % (key, auth[key]))
if auth['tls'] or auth['tls_verify']:
auth['docker_host'] = auth['docker_host'].replace(
'tcp://', 'https://')
if auth['tls'] and auth['cert_path'] and auth['key_path']:
# TLS with certs and no host verification
tls_config = self._get_tls_config(client_cert=(auth['cert_path'],
auth['key_path']),
verify=False,
ssl_version=auth['ssl_version'])
return dict(base_url=auth['docker_host'],
tls=tls_config,
version=auth['api_version'],
timeout=auth['timeout'])
if auth['tls']:
# TLS with no certs and not host verification
tls_config = self._get_tls_config(verify=False,
ssl_version=auth['ssl_version'])
return dict(base_url=auth['docker_host'],
tls=tls_config,
version=auth['api_version'],
timeout=auth['timeout'])
if auth['tls_verify'] and auth['cert_path'] and auth['key_path']:
# TLS with certs and host verification
if auth['cacert_path']:
tls_config = self._get_tls_config(
client_cert=(auth['cert_path'], auth['key_path']),
ca_cert=auth['cacert_path'],
verify=True,
assert_hostname=auth['tls_hostname'],
ssl_version=auth['ssl_version'])
else:
tls_config = self._get_tls_config(
client_cert=(auth['cert_path'], auth['key_path']),
verify=True,
assert_hostname=auth['tls_hostname'],
ssl_version=auth['ssl_version'])
return dict(base_url=auth['docker_host'],
tls=tls_config,
version=auth['api_version'],
timeout=auth['timeout'])
if auth['tls_verify'] and auth['cacert_path']:
# TLS with cacert only
tls_config = self._get_tls_config(
ca_cert=auth['cacert_path'],
assert_hostname=auth['tls_hostname'],
verify=True,
ssl_version=auth['ssl_version'])
return dict(base_url=auth['docker_host'],
tls=tls_config,
version=auth['api_version'],
timeout=auth['timeout'])
if auth['tls_verify']:
# TLS with verify and no certs
tls_config = self._get_tls_config(
verify=True,
assert_hostname=auth['tls_hostname'],
ssl_version=auth['ssl_version'])
return dict(base_url=auth['docker_host'],
tls=tls_config,
version=auth['api_version'],
timeout=auth['timeout'])
# No TLS
return dict(base_url=auth['docker_host'],
version=auth['api_version'],
timeout=auth['timeout'])
def _handle_ssl_error(self, error):
match = re.match(r"hostname.*doesn\'t match (\'.*\')", str(error))
if match:
msg = "You asked for verification that Docker host name matches %s. The actual hostname is %s. " \
"Most likely you need to set DOCKER_TLS_HOSTNAME or pass tls_hostname with a value of %s. " \
"You may also use TLS without verification by setting the tls parameter to true." \
% (self.auth_params['tls_hostname'], match.group(1), match.group(1))
self.fail(msg)
self.fail("SSL Exception: %s" % (error))
def get_container(self, name=None):
'''
Lookup a container and return the inspection results.
'''
if name is None:
return None
search_name = name
if not name.startswith('/'):
search_name = '/' + name
result = None
try:
for container in self.containers(all=True):
self.log("testing container: %s" % (container['Names']))
if isinstance(container['Names'],
list) and search_name in container['Names']:
result = container
break
if container['Id'].startswith(name):
result = container
break
if container['Id'] == name:
result = container
break
except SSLError as exc:
self._handle_ssl_error(exc)
except Exception as exc:
self.fail("Error retrieving container list: %s" % exc)
if result is not None:
try:
self.log("Inspecting container Id %s" % result['Id'])
result = self.inspect_container(container=result['Id'])
self.log("Completed container inspection")
except Exception as exc:
self.fail("Error inspecting container: %s" % exc)
return result
def find_image(self, name, tag):
'''
Lookup an image and return the inspection results.
'''
if not name:
return None
self.log("Find image %s:%s" % (name, tag))
images = self._image_lookup(name, tag)
if len(images) == 0:
# In API <= 1.20 seeing 'docker.io/<name>' as the name of images pulled from docker hub
registry, repo_name = auth.resolve_repository_name(name)
if registry == 'docker.io':
# the name does not contain a registry, so let's see if docker.io works
lookup = "docker.io/%s" % name
self.log("Check for docker.io image: %s" % lookup)
images = self._image_lookup(lookup, tag)
if len(images) > 1:
self.fail("Registry returned more than one result for %s:%s" %
(name, tag))
if len(images) == 1:
try:
inspection = self.inspect_image(images[0]['Id'])
except Exception as exc:
self.fail("Error inspecting image %s:%s - %s" %
(name, tag, str(exc)))
return inspection
self.log("Image %s:%s not found." % (name, tag))
return None
def _image_lookup(self, name, tag):
'''
Including a tag in the name parameter sent to the docker-py images method does not
work consistently. Instead, get the result set for name and manually check if the tag
exists.
'''
try:
response = self.images(name=name)
except Exception as exc:
self.fail("Error searching for image %s - %s" % (name, str(exc)))
images = response
if tag:
lookup = "%s:%s" % (name, tag)
images = []
for image in response:
tags = image.get('RepoTags')
if tags and lookup in tags:
images = [image]
break
return images
def pull_image(self, name, tag="latest"):
'''
Pull an image
'''
self.log("Pulling image %s:%s" % (name, tag))
alreadyToLatest = False
try:
for line in self.pull(name, tag=tag, stream=True, decode=True):
self.log(line, pretty_print=True)
if line.get('status'):
if line.get('status').startswith(
'Status: Image is up to date for'):
alreadyToLatest = True
if line.get('error'):
if line.get('errorDetail'):
error_detail = line.get('errorDetail')
self.fail("Error pulling %s - code: %s message: %s" %
(name, error_detail.get('code'),
error_detail.get('message')))
else:
self.fail("Error pulling %s - %s" %
(name, line.get('error')))
except Exception as exc:
self.fail("Error pulling image %s:%s - %s" % (name, tag, str(exc)))
return self.find_image(name, tag), alreadyToLatest
class NtpAuth(object):
"""Manage ntp authentication"""
def __init__(self, argument_spec):
self.spec = argument_spec
self.module = None
self.init_module()
# ntp_auth configration info
self.key_id = self.module.params['key_id']
self.password = self.module.params['auth_pwd'] or None
self.auth_mode = self.module.params['auth_mode'] or None
self.auth_type = self.module.params['auth_type']
self.trusted_key = self.module.params['trusted_key']
self.authentication = self.module.params['authentication'] or None
self.state = self.module.params['state']
self.check_params()
self.ntp_auth_conf = dict()
self.key_id_exist = False
self.cur_trusted_key = 'disable'
# state
self.changed = False
self.updates_cmd = list()
self.results = dict()
self.proposed = dict()
self.existing = list()
self.end_state = list()
self.get_ntp_auth_exist_config()
def check_params(self):
"""Check all input params"""
if not self.key_id.isdigit():
self.module.fail_json(
msg='Error: key_id is not digit.')
if (int(self.key_id) < 1) or (int(self.key_id) > 4294967295):
self.module.fail_json(
msg='Error: The length of key_id is between 1 and 4294967295.')
if self.state == "present":
if (self.auth_type == 'encrypt') and\
((len(self.password) < 20) or (len(self.password) > 392)):
self.module.fail_json(
msg='Error: The length of encrypted password is between 20 and 392.')
elif (self.auth_type == 'text') and\
((len(self.password) < 1) or (len(self.password) > 255)):
self.module.fail_json(
msg='Error: The length of text password is between 1 and 255.')
def init_module(self):
"""Init module object"""
required_if = [("state", "present", ("password", "auth_mode"))]
self.module = AnsibleModule(
argument_spec=self.spec,
required_if=required_if,
supports_check_mode=True
)
def check_response(self, xml_str, xml_name):
"""Check if response message is already sucjctanner.network_cloudengine.ceed."""
if "<ok/>" not in xml_str:
self.module.fail_json(msg='Error: %s failed.' % xml_name)
def get_ntp_auth_enable(self):
"""Get ntp authentication enable state"""
xml_str = CE_NC_GET_NTP_AUTH_ENABLE
con_obj = get_nc_config(self.module, xml_str)
if "<data/>" in con_obj:
return
# get ntp authentication enable
auth_en = re.findall(
r'.*<isAuthEnable>(.*)</isAuthEnable>.*', con_obj)
if auth_en:
if auth_en[0] == 'true':
self.ntp_auth_conf['authentication'] = 'enable'
else:
self.ntp_auth_conf['authentication'] = 'disable'
def get_ntp_all_auth_keyid(self):
"""Get all authentication keyid info"""
ntp_auth_conf = list()
xml_str = CE_NC_GET_ALL_NTP_AUTH_CONFIG
con_obj = get_nc_config(self.module, xml_str)
if "<data/>" in con_obj:
self.ntp_auth_conf["authentication-keyid"] = "None"
return ntp_auth_conf
# get ntp authentication config
ntp_auth = re.findall(
r'.*<keyId>(.*)</keyId>.*\s*<mode>(.*)</mode>.*\s*'
r'<keyVal>(.*)</keyVal>.*\s*<isReliable>(.*)</isReliable>.*', con_obj)
for ntp_auth_num in ntp_auth:
if ntp_auth_num[0] == self.key_id:
self.key_id_exist = True
if ntp_auth_num[3] == 'true':
self.cur_trusted_key = 'enable'
else:
self.cur_trusted_key = 'disable'
if ntp_auth_num[3] == 'true':
trusted_key = 'enable'
else:
trusted_key = 'disable'
ntp_auth_conf.append(dict(key_id=ntp_auth_num[0],
auth_mode=ntp_auth_num[1].lower(),
trusted_key=trusted_key))
self.ntp_auth_conf["authentication-keyid"] = ntp_auth_conf
return ntp_auth_conf
def get_ntp_auth_exist_config(self):
"""Get ntp authentication existed configure"""
self.get_ntp_auth_enable()
self.get_ntp_all_auth_keyid()
def config_ntp_auth_keyid(self):
"""Config ntp authentication keyid"""
if self.trusted_key == 'enable':
trusted_key = 'true'
else:
trusted_key = 'false'
xml_str = CE_NC_MERGE_NTP_AUTH_CONFIG % (
self.key_id, self.auth_mode.upper(), self.password, trusted_key)
ret_xml = set_nc_config(self.module, xml_str)
self.check_response(ret_xml, "NTP_AUTH_KEYID_CONFIG")
def config_ntp_auth_enable(self):
"""Config ntp authentication enable"""
if self.ntp_auth_conf['authentication'] != self.authentication:
if self.authentication == 'enable':
state = 'true'
else:
state = 'false'
xml_str = CE_NC_MERGE_NTP_AUTH_ENABLE % state
ret_xml = set_nc_config(self.module, xml_str)
self.check_response(ret_xml, "NTP_AUTH_ENABLE")
def undo_config_ntp_auth_keyid(self):
"""Undo ntp authentication key-id"""
xml_str = CE_NC_DELETE_NTP_AUTH_CONFIG % self.key_id
ret_xml = set_nc_config(self.module, xml_str)
self.check_response(ret_xml, "UNDO_NTP_AUTH_KEYID_CONFIG")
def cli_load_config(self, commands):
"""Load config by cli"""
if not self.module.check_mode:
load_config(self.module, commands)
def config_ntp_auth_keyid_by_cli(self):
"""Config ntp authentication keyid bye the way of CLI"""
commands = list()
config_cli = "ntp authentication-keyid %s authentication-mode %s %s" % (
self.key_id, self.auth_mode, self.password)
commands.append(config_cli)
self.cli_load_config(commands)
def config_ntp_auth(self):
"""Config ntp authentication"""
if self.state == "present":
if self.auth_type == 'encrypt':
self.config_ntp_auth_keyid()
else:
self.config_ntp_auth_keyid_by_cli()
else:
if not self.key_id_exist:
self.module.fail_json(
msg='Error: The Authentication-keyid does not exist.')
self.undo_config_ntp_auth_keyid()
if self.authentication:
self.config_ntp_auth_enable()
self.changed = True
def get_existing(self):
"""Get existing info"""
self.existing = copy.deepcopy(self.ntp_auth_conf)
def get_proposed(self):
"""Get proposed result"""
auth_type = self.auth_type
trusted_key = self.trusted_key
if self.state == 'absent':
auth_type = None
trusted_key = None
self.proposed = dict(key_id=self.key_id, auth_pwd=self.password,
auth_mode=self.auth_mode, auth_type=auth_type,
trusted_key=trusted_key, authentication=self.authentication,
state=self.state)
def get_update_cmd(self):
"""Get updated commands"""
cli_str = ""
if self.state == "present":
cli_str = "ntp authentication-keyid %s authentication-mode %s " % (
self.key_id, self.auth_mode)
if self.auth_type == 'encrypt':
cli_str = "%s cipher %s" % (cli_str, self.password)
else:
cli_str = "%s %s" % (cli_str, self.password)
else:
cli_str = "undo ntp authentication-keyid %s" % self.key_id
self.updates_cmd.append(cli_str)
if self.authentication:
cli_str = ""
if self.ntp_auth_conf['authentication'] != self.authentication:
if self.authentication == 'enable':
cli_str = "ntp authentication enable"
else:
cli_str = "undo ntp authentication enable"
if cli_str != "":
self.updates_cmd.append(cli_str)
cli_str = ""
if self.state == "present":
if self.trusted_key != self.cur_trusted_key:
if self.trusted_key == 'enable':
cli_str = "ntp trusted authentication-keyid %s" % self.key_id
else:
cli_str = "undo ntp trusted authentication-keyid %s" % self.key_id
else:
cli_str = "undo ntp trusted authentication-keyid %s" % self.key_id
if cli_str != "":
self.updates_cmd.append(cli_str)
def get_end_state(self):
"""Get end state info"""
self.ntp_auth_conf = dict()
self.get_ntp_auth_exist_config()
self.end_state = copy.deepcopy(self.ntp_auth_conf)
def show_result(self):
"""Show result"""
self.results['changed'] = self.changed
self.results['proposed'] = self.proposed
self.results['existing'] = self.existing
self.results['end_state'] = self.end_state
if self.changed:
self.results['updates'] = self.updates_cmd
else:
self.results['updates'] = list()
self.module.exit_json(**self.results)
def work(self):
"""Excute task"""
self.get_existing()
self.get_proposed()
self.get_update_cmd()
self.config_ntp_auth()
self.get_end_state()
self.show_result()
def main():
argument_spec = aci_argument_spec
argument_spec.update(
allow_useg=dict(type='str', choices=['encap', 'useg']),
ap=dict(type='str', aliases=['app_profile', 'app_profile_name']),
deploy_immediacy=dict(type='str', choices=['immediate', 'on-demand']),
domain=dict(type='str', aliases=['domain_name', 'domain_profile']),
domain_type=dict(type='str', choices=['phys', 'vmm'], aliases=['type']),
encap=dict(type='int'),
encap_mode=dict(type='str', choices=['auto', 'vlan', 'vxlan']),
epg=dict(type='str', aliases=['name', 'epg_name']),
netflow=dict(type='str', choices=['disabled', 'enabled']),
primary_encap=dict(type='int'),
resolution_immediacy=dict(type='str', choices=['immediate', 'lazy', 'pre-provision']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
tenant=dict(type='str', aliases=['tenant_name']),
vm_provider=dict(type='str', choices=['microsoft', 'openstack', 'vmware']),
method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['domain_type', 'vmm', ['vm_provider']],
['state', 'absent', ['ap', 'domain', 'domain_type', 'epg', 'tenant']],
['state', 'present', ['ap', 'domain', 'domain_type', 'epg', 'tenant']],
],
)
allow_useg = module.params['allow_useg']
ap = module.params['ap']
deploy_immediacy = module.params['deploy_immediacy']
domain = module.params['domain']
domain_type = module.params['domain_type']
vm_provider = module.params['vm_provider']
encap = module.params['encap']
if encap is not None:
if encap in range(1, 4097):
encap = 'vlan-{0}'.format(encap)
else:
module.fail_json(msg='Valid VLAN assigments are from 1 to 4096')
encap_mode = module.params['encap_mode']
epg = module.params['epg']
netflow = module.params['netflow']
primary_encap = module.params['primary_encap']
if primary_encap is not None:
if primary_encap in range(1, 4097):
primary_encap = 'vlan-{0}'.format(primary_encap)
else:
module.fail_json(msg='Valid VLAN assigments are from 1 to 4096')
resolution_immediacy = module.params['resolution_immediacy']
state = module.params['state']
tenant = module.params['tenant']
if domain_type == 'phys' and vm_provider is not None:
module.fail_json(msg="Domain type 'phys' cannot have a 'vm_provider'")
# Compile the full domain for URL building
if domain_type == 'vmm':
epg_domain = '{0}{1}'.format(VM_PROVIDER_MAPPING[vm_provider], domain)
elif domain_type is not None:
epg_domain = 'uni/phys-{0}'.format(domain)
else:
epg_domain = None
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
filter_target='eq(fvTenant.name, "{0}")'.format(tenant),
module_object=tenant,
),
subclass_1=dict(
aci_class='fvAp',
aci_rn='ap-{0}'.format(ap),
filter_target='eq(fvAp.name, "{0}")'.format(ap),
module_object=ap,
),
subclass_2=dict(
aci_class='fvAEPg',
aci_rn='epg-{0}'.format(epg),
filter_target='eq(fvTenant.name, "{0}")'.format(epg),
module_object=epg,
),
subclass_3=dict(
aci_class='fvRsDomAtt',
aci_rn='rsdomAtt-[{0}]'.format(epg_domain),
filter_target='eq(fvRsDomAtt.tDn, "{0}")'.format(epg_domain),
module_object=epg_domain,
),
)
aci.get_existing()
if state == 'present':
# Filter out module parameters with null values
aci.payload(
aci_class='fvRsDomAtt',
class_config=dict(
classPref=allow_useg,
encap=encap,
encapMode=encap_mode,
instrImedcy=deploy_immediacy,
netflowPref=netflow,
primaryEncap=primary_encap,
resImedcy=resolution_immediacy,
),
)
# Generate config diff which will be used as POST request body
aci.get_diff(aci_class='fvRsDomAtt')
# Submit changes if module not in check_mode and the proposed is different than existing
aci.post_config()
elif state == 'absent':
aci.delete_config()
module.exit_json(**aci.result)
def main():
argument_spec = openstack_full_argument_spec(
name=dict(required=True),
zone_type=dict(required=False, choice=['primary', 'secondary']),
email=dict(required=False, default=None),
description=dict(required=False, default=None),
ttl=dict(required=False, default=None, type='int'),
masters=dict(required=False, default=None, type='list'),
state=dict(default='present', choices=['absent', 'present']),
)
module_kwargs = openstack_module_kwargs()
module = AnsibleModule(argument_spec,
supports_check_mode=True,
**module_kwargs)
name = module.params.get('name')
state = module.params.get('state')
wait = module.params.get('wait')
timeout = module.params.get('timeout')
sdk, cloud = openstack_cloud_from_module(module)
try:
zone = cloud.get_zone(name)
if state == 'present':
zone_type = module.params.get('zone_type')
email = module.params.get('email')
description = module.params.get('description')
ttl = module.params.get('ttl')
masters = module.params.get('masters')
if module.check_mode:
module.exit_json(changed=_system_state_change(
state, email, description, ttl, masters, zone))
if zone is None:
zone = cloud.create_zone(name=name,
zone_type=zone_type,
email=email,
description=description,
ttl=ttl,
masters=masters)
changed = True
else:
if masters is None:
masters = []
pre_update_zone = zone
changed = _system_state_change(state, email, description, ttl,
masters, pre_update_zone)
if changed:
zone = cloud.update_zone(name,
email=email,
description=description,
ttl=ttl,
masters=masters)
if wait:
_wait(timeout, cloud, zone, state, module, sdk)
module.exit_json(changed=changed, zone=zone)
elif state == 'absent':
if module.check_mode:
module.exit_json(changed=_system_state_change(
state, None, None, None, None, zone))
if zone is None:
changed = False
else:
cloud.delete_zone(name)
changed = True
if wait:
_wait(timeout, cloud, zone, state, module, sdk)
module.exit_json(changed=changed)
except sdk.exceptions.OpenStackCloudException as e:
module.fail_json(msg=str(e))
class NetAppCDOTUserRole(object):
def __init__(self):
self.argument_spec = netapp_utils.ontap_sf_host_argument_spec()
self.argument_spec.update(
dict(
state=dict(required=True, choices=['present', 'absent']),
name=dict(required=True, type='str'),
command_directory_name=dict(required=True, type='str'),
access_level=dict(required=False,
type='str',
default='all',
choices=['none', 'readonly', 'all']),
vserver=dict(required=True, type='str'),
))
self.module = AnsibleModule(argument_spec=self.argument_spec,
supports_check_mode=True)
p = self.module.params
# set up state variables
self.state = p['state']
self.name = p['name']
self.command_directory_name = p['command_directory_name']
self.access_level = p['access_level']
self.vserver = p['vserver']
if HAS_NETAPP_LIB is False:
self.module.fail_json(
msg="the python NetApp-Lib module is required")
else:
self.server = netapp_utils.setup_ontap_zapi(module=self.module)
def get_role(self):
"""
Checks if the role exists for specific command-directory-name.
:return:
True if role found
False if role is not found
:rtype: bool
"""
security_login_role_get_iter = netapp_utils.zapi.NaElement(
'security-login-role-get-iter')
query_details = netapp_utils.zapi.NaElement.create_node_with_children(
'security-login-role-info', **{
'vserver': self.vserver,
'role-name': self.name,
'command-directory-name': self.command_directory_name
})
query = netapp_utils.zapi.NaElement('query')
query.add_child_elem(query_details)
security_login_role_get_iter.add_child_elem(query)
try:
result = self.server.invoke_successfully(
security_login_role_get_iter, enable_tunneling=False)
except netapp_utils.zapi.NaApiError as e:
# Error 16031 denotes a role not being found.
if to_native(e.code) == "16031":
return False
else:
self.module.fail_json(msg='Error getting role %s: %s' %
(self.name, to_native(e)),
exception=traceback.format_exc())
if (result.get_child_by_name('num-records')
and int(result.get_child_content('num-records')) >= 1):
return True
else:
return False
def create_role(self):
role_create = netapp_utils.zapi.NaElement.create_node_with_children(
'security-login-role-create', **{
'vserver': self.vserver,
'role-name': self.name,
'command-directory-name': self.command_directory_name,
'access-level': self.access_level
})
try:
self.server.invoke_successfully(role_create,
enable_tunneling=False)
except netapp_utils.zapi.NaApiError as e:
self.module.fail_json(msg='Error creating role %s: %s' %
(self.name, to_native(e)),
exception=traceback.format_exc())
def delete_role(self):
role_delete = netapp_utils.zapi.NaElement.create_node_with_children(
'security-login-role-delete', **{
'vserver': self.vserver,
'role-name': self.name,
'command-directory-name': self.command_directory_name
})
try:
self.server.invoke_successfully(role_delete,
enable_tunneling=False)
except netapp_utils.zapi.NaApiError as e:
self.module.fail_json(msg='Error removing role %s: %s' %
(self.name, to_native(e)),
exception=traceback.format_exc())
def apply(self):
changed = False
role_exists = self.get_role()
if role_exists:
if self.state == 'absent':
changed = True
# Check if properties need to be updated
else:
if self.state == 'present':
changed = True
if changed:
if self.module.check_mode:
pass
else:
if self.state == 'present':
if not role_exists:
self.create_role()
# Update properties
elif self.state == 'absent':
self.delete_role()
self.module.exit_json(changed=changed)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"system_dscp_based_priority": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"ds": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"priority": {
"required": False,
"type": "str",
"choices": ["low", "medium", "high"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_system(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
argument_spec = postgres_common_argument_spec()
argument_spec.update(
schema=dict(type="str", required=True, aliases=['name']),
owner=dict(type="str", default=""),
database=dict(type="str", default="postgres", aliases=["db", "login_db"]),
cascade_drop=dict(type="bool", default=False),
state=dict(type="str", default="present", choices=["absent", "present"]),
session_role=dict(type="str"),
trust_input=dict(type="bool", default=True),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
schema = module.params["schema"]
owner = module.params["owner"]
state = module.params["state"]
cascade_drop = module.params["cascade_drop"]
session_role = module.params["session_role"]
trust_input = module.params["trust_input"]
if not trust_input:
# Check input for potentially dangerous elements:
check_input(module, schema, owner, session_role)
changed = False
conn_params = get_conn_params(module, module.params)
db_connection = connect_to_db(module, conn_params, autocommit=True)
cursor = db_connection.cursor(cursor_factory=DictCursor)
try:
if module.check_mode:
if state == "absent":
changed = not schema_exists(cursor, schema)
elif state == "present":
changed = not schema_matches(cursor, schema, owner)
module.exit_json(changed=changed, schema=schema)
if state == "absent":
try:
changed = schema_delete(cursor, schema, cascade_drop)
except SQLParseError as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
elif state == "present":
try:
changed = schema_create(cursor, schema, owner)
except SQLParseError as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
except NotSupportedError as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
except SystemExit:
# Avoid catching this on Python 2.4
raise
except Exception as e:
module.fail_json(msg="Database query failed: %s" % to_native(e), exception=traceback.format_exc())
db_connection.close()
module.exit_json(changed=changed, schema=schema, queries=executed_queries)
def main():
module = AnsibleModule(
argument_spec=dict(
instance_name=dict(type='str'),
instance_pattern=dict(type='str'),
tags=dict(type='list', required=True),
state=dict(type='str',
default='present',
choices=['absent', 'present']),
zone=dict(type='str', default='us-central1-a'),
service_account_email=dict(type='str'),
pem_file=dict(type='path'),
project_id=dict(type='str'),
),
mutually_exclusive=[['instance_name', 'instance_pattern']],
required_one_of=[['instance_name', 'instance_pattern']],
)
instance_name = module.params.get('instance_name')
instance_pattern = module.params.get('instance_pattern')
state = module.params.get('state')
tags = module.params.get('tags')
zone = module.params.get('zone')
changed = False
if not HAS_LIBCLOUD:
module.fail_json(
msg='libcloud with GCE support (0.17.0+) required for this module')
gce = gce_connect(module)
# Create list of nodes to operate on
matching_nodes = []
try:
if instance_pattern:
instances = gce.list_nodes(ex_zone=zone)
# no instances in zone
if not instances:
module.exit_json(changed=False,
tags=tags,
zone=zone,
instances_updated=[])
try:
# Python regex fully supported: https://docs.python.org/2/library/re.html
p = re.compile(instance_pattern)
matching_nodes = [
i for i in instances if p.search(i.name) is not None
]
except re.error as e:
module.fail_json(msg='Regex error for pattern %s: %s' %
(instance_pattern, e),
changed=False)
else:
matching_nodes = [gce.ex_get_node(instance_name, zone=zone)]
except ResourceNotFoundError:
module.fail_json(msg='Instance %s not found in zone %s' %
(instance_name, zone),
changed=False)
except GoogleBaseError as e:
module.fail_json(msg=str(e),
changed=False,
exception=traceback.format_exc())
# Tag nodes
instance_pattern_matches = []
tags_changed = []
for node in matching_nodes:
changed, tags_changed = modify_tags(gce, module, node, tags, state)
if changed:
instance_pattern_matches.append({
'instance_name': node.name,
'tags_changed': tags_changed
})
if instance_pattern:
module.exit_json(changed=changed,
instance_pattern=instance_pattern,
tags=tags_changed,
zone=zone,
instances_updated=instance_pattern_matches)
else:
module.exit_json(changed=changed,
instance_name=instance_name,
tags=tags_changed,
zone=zone)
def main():
os_choices = [
'eos', 'junos', 'iosxr', 'fortios', 'ios', 'mock', 'nxos', 'panos',
'vyos', 'ros'
]
module = AnsibleModule(argument_spec=dict(
hostname=dict(type='str', required=False, aliases=['host']),
username=dict(type='str', required=False),
password=dict(type='str', required=False, no_log=True),
provider=dict(type='dict', required=False),
timeout=dict(type='int', required=False, default=60),
dev_os=dict(type='str', required=False, choices=os_choices),
optional_args=dict(required=False, type='dict', default=None),
args=dict(required=True, type='dict', default=None),
),
supports_check_mode=False)
if not napalm_found:
module.fail_json(msg="the python module napalm is required")
provider = module.params['provider'] or {}
no_log = ['password', 'secret']
for param in no_log:
if provider.get(param):
module.no_log_values.update(return_values(provider[param]))
if provider.get('optional_args') and provider['optional_args'].get(
param):
module.no_log_values.update(
return_values(provider['optional_args'].get(param)))
if module.params.get(
'optional_args') and module.params['optional_args'].get(param):
module.no_log_values.update(
return_values(module.params['optional_args'].get(param)))
# allow host or hostname
provider['hostname'] = provider.get('hostname', None) or provider.get(
'host', None)
# allow local params to override provider
for param, pvalue in provider.items():
if module.params.get(param) is not False:
module.params[param] = module.params.get(param) or pvalue
hostname = module.params['hostname']
username = module.params['username']
dev_os = module.params['dev_os']
password = module.params['password']
timeout = module.params['timeout']
args = module.params['args']
argument_check = {
'hostname': hostname,
'username': username,
'dev_os': dev_os,
'password': password
}
for key, val in argument_check.items():
if val is None:
module.fail_json(msg=str(key) + " is required")
# use checks outside of ansible defined checks, since params come can come from provider
if dev_os not in os_choices:
module.fail_json(msg="dev_os is not set to " + str(os_choices))
if module.params['optional_args'] is None:
optional_args = {}
else:
optional_args = module.params['optional_args']
try:
network_driver = get_network_driver(dev_os)
device = network_driver(hostname=hostname,
username=username,
password=password,
timeout=timeout,
optional_args=optional_args)
device.open()
except Exception, e:
module.fail_json(msg="cannot connect to device: " + str(e))
def main():
module = AnsibleModule(
argument_spec=dict(
repo=dict(required=True),
user=dict(required=True),
password=dict(no_log=True),
token=dict(no_log=True),
action=dict(required=True,
choices=['latest_release', 'create_release']),
tag=dict(type='str'),
target=dict(type='str'),
name=dict(type='str'),
body=dict(type='str'),
draft=dict(type='bool', default=False),
prerelease=dict(type='bool', default=False),
),
supports_check_mode=True,
required_one_of=(('password', 'token'), ),
mutually_exclusive=(('password', 'token'), ),
required_if=[('action', 'create_release', ['tag'])],
)
if not HAS_GITHUB_API:
module.fail_json(msg='Missing required github3 module (check docs or '
'install with: pip install github3.py==1.0.0a4)')
repo = module.params['repo']
user = module.params['user']
password = module.params['password']
login_token = module.params['token']
action = module.params['action']
tag = module.params.get('tag')
target = module.params.get('target')
name = module.params.get('name')
body = module.params.get('body')
draft = module.params.get('draft')
prerelease = module.params.get('prerelease')
# login to github
try:
if user and password:
gh_obj = github3.login(user, password=password)
elif login_token:
gh_obj = github3.login(token=login_token)
# test if we're actually logged in
gh_obj.me()
except github3.AuthenticationFailed:
e = get_exception()
module.fail_json(msg='Failed to connect to GitHub: %s' % e,
details="Please check username and password or token "
"for repository %s" % repo)
repository = get_repository(gh_obj, user, repo)
if not repository:
module.fail_json(msg="Repository %s/%s doesn't exist" % (user, repo))
if action == 'latest_release':
release = repository.latest_release()
if release:
module.exit_json(tag=release.tag_name)
else:
module.exit_json(tag=None)
if action == 'create_release':
release_exists = repository.release_from_tag(tag)
if release_exists:
module.exit_json(skipped=True,
msg="Release for tag %s already exists." % tag)
if tag in RELEASE_SHORTCUTS:
latest_release = repository.latest_release()
validate_release_format(latest_release)
tag = bump_version(latest_release, tag)
release = repository.create_release(tag, target, name, body, draft,
prerelease)
if release:
module.exit_json(tag=release.tag_name)
else:
module.exit_json(tag=None)
class NetAppOntapVolumeClone(object):
"""
Creates a volume clone
"""
def __init__(self):
"""
Initialize the NetAppOntapVolumeClone class
"""
self.argument_spec = netapp_utils.na_ontap_host_argument_spec()
self.argument_spec.update(
dict(
state=dict(required=False,
choices=['present'],
default='present'),
parent_volume=dict(required=True, type='str'),
volume=dict(required=True, type='str'),
vserver=dict(required=True, type='str'),
parent_snapshot=dict(required=False, type='str', default=None),
parent_vserver=dict(required=False, type='str', default=None),
qos_policy_group_name=dict(required=False,
type='str',
default=None),
space_reserve=dict(required=False,
choices=['volume', 'none'],
default=None),
volume_type=dict(required=False, choices=['rw', 'dp']),
))
self.module = AnsibleModule(argument_spec=self.argument_spec,
supports_check_mode=True)
parameters = self.module.params
# set up state variables
self.state = parameters['state']
self.parent_snapshot = parameters['parent_snapshot']
self.parent_volume = parameters['parent_volume']
self.parent_vserver = parameters['parent_vserver']
self.qos_policy_group_name = parameters['qos_policy_group_name']
self.space_reserve = parameters['space_reserve']
self.volume = parameters['volume']
self.volume_type = parameters['volume_type']
self.vserver = parameters['vserver']
if HAS_NETAPP_LIB is False:
self.module.fail_json(
msg="the python NetApp-Lib module is required")
else:
self.server = netapp_utils.setup_na_ontap_zapi(
module=self.module, vserver=self.vserver)
return
def create_volume_clone(self):
"""
Creates a new volume clone
"""
clone_obj = netapp_utils.zapi.NaElement('volume-clone-create')
clone_obj.add_new_child("parent-volume", self.parent_volume)
clone_obj.add_new_child("volume", self.volume)
if self.qos_policy_group_name:
clone_obj.add_new_child("qos-policy-group-name",
self.qos_policy_group_name)
if self.space_reserve:
clone_obj.add_new_child("space-reserve", self.space_reserve)
if self.parent_snapshot:
clone_obj.add_new_child("parent-snapshot", self.parent_snapshot)
if self.parent_vserver:
clone_obj.add_new_child("parent-vserver", self.parent_vserver)
if self.volume_type:
clone_obj.add_new_child("volume-type", self.volume_type)
self.server.invoke_successfully(clone_obj, True)
def does_volume_clone_exists(self):
clone_obj = netapp_utils.zapi.NaElement('volume-clone-get')
clone_obj.add_new_child("volume", self.volume)
try:
results = self.server.invoke_successfully(clone_obj, True)
except Exception:
return False
attributes = results.get_child_by_name('attributes')
info = attributes.get_child_by_name('volume-clone-info')
parent_volume = info.get_child_content('parent-volume')
if parent_volume == self.parent_volume:
return True
self.module.fail_json(
msg="Error clone %s already exists for parent %s" %
(self.volume, parent_volume))
def apply(self):
"""
Run Module based on play book
"""
changed = False
netapp_utils.ems_log_event("na_ontap_volume_clone", self.server)
existing_volume_clone = self.does_volume_clone_exists()
if existing_volume_clone is False: # create clone
changed = True
if changed:
if self.module.check_mode:
pass
else:
self.create_volume_clone()
self.module.exit_json(changed=changed)
class NSXTBaseRealizableResource(ABC):
INCORRECT_ARGUMENT_NAME_VALUE = "error_invalid_parameter"
def realize(self, supports_check_mode=True,
successful_resource_exec_logs=[],
baseline_arg_names=[], resource_params=None):
# must call this method to realize the creation, update, or deletion of
# resource
self.resource_class = self.__class__
if not hasattr(self, "_arg_spec"):
# Base resource
self._make_ansible_arg_spec(
supports_check_mode=supports_check_mode)
if not hasattr(self, 'module'):
self.module = AnsibleModule(
argument_spec=self._arg_spec,
supports_check_mode=supports_check_mode)
self.set_baseline_args(baseline_arg_names)
# Infer manager credentials
mgr_hostname = self.module.params['hostname']
mgr_username = self.module.params['username']
mgr_password = self.module.params['password']
nsx_cert_path = self.module.params['nsx_cert_path']
nsx_key_path = self.module.params['nsx_key_path']
request_headers = self.module.params['request_headers']
ca_path = self.module.params['ca_path']
validate_certs = self.module.params['validate_certs']
# Each manager has an associated PolicyCommunicator
self.policy_communicator = PolicyCommunicator.get_instance(
mgr_hostname, mgr_username, mgr_password, nsx_cert_path,
nsx_key_path, request_headers, ca_path, validate_certs)
if resource_params is None:
resource_params = self.module.params
self.resource_params = resource_params
self._state = self.get_attribute('state', resource_params)
if not (hasattr(self, 'id') and self.id):
if self.get_resource_name() in BASE_RESOURCES:
self.id = self._get_id_using_attr_name(
None, resource_params,
self.get_resource_base_url(self.baseline_args),
self.get_spec_identifier())
else:
self.id = self._get_id_using_attr_name(
None, resource_params,
self.get_resource_base_url(self._parent_info),
self.get_spec_identifier())
if self.id is None:
return
# Extract the resource params from module
self.nsx_resource_params = self._extract_nsx_resource_params(
resource_params)
# parent_info is passed to subresources of a resource automatically
if not hasattr(self, "_parent_info"):
self._parent_info = {}
self.update_parent_info(self._parent_info)
try:
# get existing resource schema
_, self.existing_resource = self._send_request_to_API(
"/" + self.id, ignore_error=False,
accepted_error_codes=set([404]))
# As Policy API's PATCH requires all attributes to be filled,
# we fill the missing resource params (the params not specified)
# by user using the existing params
self._fill_missing_resource_params(
self.existing_resource, self.nsx_resource_params)
except Exception as err:
# the resource does not exist currently on the manager
self.existing_resource = None
self._achieve_state(resource_params, successful_resource_exec_logs)
@classmethod
def get_spec_identifier(cls):
# Can be overriden in the subclass to provide different
# unique_arg_identifier. It is used to infer which args belong to which
# subresource.
# By default, class name is used for subresources.
return cls.get_resource_name()
def get_state(self):
return self._state
def get_parent_info(self):
return self._parent_info
@staticmethod
@abstractmethod
def get_resource_base_url(parent_info):
# Must be overridden by the subclass
raise NotImplementedError
@staticmethod
@abstractmethod
def get_resource_spec():
# Must be overridden by the subclass
raise NotImplementedError
@classmethod
def get_resource_name(cls):
return cls.__name__
def create_or_update_subresource_first(self):
# return True if subresource should be created/updated before parent
# resource
return self.resource_params.get(
"create_or_update_subresource_first", False)
def delete_subresource_first(self):
# return True if subresource should be deleted before parent resource
return self.resource_params.get("delete_subresource_first", True)
def achieve_subresource_state_if_del_parent(self):
# return True if this resource is to be realized with its own specified
# state irrespective of the state of its parent resource.
return self.resource_params.get(
"achieve_subresource_state_if_del_parent", False)
def do_wait_till_create(self):
# By default, we do not wait for the parent resource to be created or
# updated before its subresource is to be realized.
return self.resource_params.get("do_wait_till_create", False)
@staticmethod
def get_resource_update_priority():
# this priority can be used to create/delete subresources
# at the same level in a particular order.
# by default, it returns 1 so the resources are created/updated/
# deleted in a fixed but random order.
# should be overloaded in subclass to specify its priority.
# for creation or update, we iterate in descending order.
# for deletion, we iterate in ascending order.
return 1
def set_arg_spec(self, arg_spec):
self._arg_spec = arg_spec
def set_ansible_module(self, ansible_module):
self.module = ansible_module
def set_parent_info(self, parent_info):
self._parent_info = parent_info
def achieve_subresource_state(
self, resource_params, successful_resource_exec_logs):
"""
Achieve the state of each sub-resource.
"""
for sub_resource_class in self._get_sub_resources_class_of(
self.resource_class):
if sub_resource_class.allows_multiple_resource_spec():
children_resource_spec = (resource_params.get(
sub_resource_class.get_spec_identifier()) or [])
else:
children_resource_spec = ([resource_params.get(
sub_resource_class.get_spec_identifier())] or [])
# Update the parent pointer
my_parent = self._parent_info.get('_parent', '')
self._update_parent_info()
for resource_param_spec in children_resource_spec:
if resource_param_spec is not None:
sub_resource = sub_resource_class()
sub_resource.set_arg_spec(self._arg_spec)
sub_resource.set_ansible_module(self.module)
sub_resource.set_parent_info(self._parent_info)
sub_resource.realize(
successful_resource_exec_logs=(
successful_resource_exec_logs),
resource_params=resource_param_spec)
# Restore the parent pointer
self._parent_info['_parent'] = my_parent
def update_resource_params(self, nsx_resource_params):
# Can be used to updates the params of resource before making
# the API call.
# Should be overridden in the subclass if needed
pass
def check_for_update(self, existing_params, resource_params):
"""
resource_params: dict
existing_params: dict
Compares the existing_params with resource_params and returns
True if they are different. At a base level, it traverses the
params and matches one-to-one. If the value to be matched is a
- dict, it traverses that also.
- list, it merely compares the order.
Can be overriden in the subclass for specific custom checking.
Returns true if the params differ
"""
if not existing_params:
return False
for k, v in resource_params.items():
if k not in existing_params:
return True
elif type(v).__name__ == 'dict':
if self.check_for_update(existing_params[k], v):
return True
elif v != existing_params[k]:
def compare_lists(list1, list2):
# Returns True if list1 and list2 differ
try:
# If the lists can be converted into sets, do so and
# compare lists as sets.
set1 = set(list1)
set2 = set(list2)
return set1 != set2
except Exception:
return True
if type(v).__name__ == 'list':
if compare_lists(v, existing_params[k]):
return True
continue
return True
return False
def update_parent_info(self, parent_info):
# Override this and fill in self._parent_info if that is to be passed
# to the sub-resource
# By default, parent's id is passed
parent_info[self.get_spec_identifier() + "_id"] = self.id
def get_attribute(self, attribute, resource_params):
"""
attribute: String
resource_params: Parameters of the resource
"""
if (attribute == "state" and
self.get_resource_name() not in BASE_RESOURCES):
# if parent has absent state, subresources should have absent
# state if . So, irrespective of what user specifies, if parent
# is to be deleted, the child resources will be deleted.
# override achieve_subresource_state_if_del_parent
# in resource class to change this behavior
if (self._parent_info["_parent"].get_state() == "absent" and
not self.achieve_subresource_state_if_del_parent()):
return "absent"
return resource_params.get(
attribute, self.INCORRECT_ARGUMENT_NAME_VALUE)
def set_baseline_args(self, baseline_arg_names):
# Can be overriden in subclass
self.baseline_args = {}
for baseline_arg_name in baseline_arg_names:
self.baseline_args[baseline_arg_name] = self.module.params[
baseline_arg_name]
def do_resource_params_have_attr_with_id_or_display_name(self, attr):
if (attr + "_id" in self.nsx_resource_params or
attr + "_display_name" in self.nsx_resource_params):
return True
return False
def get_id_using_attr_name_else_fail(self, attr_name, params,
resource_base_url, resource_type,
ignore_not_found_error=True):
resource_id = self._get_id_using_attr_name(
attr_name, params, resource_base_url, resource_type,
ignore_not_found_error)
if resource_id is not None:
return resource_id
# Incorrect usage of Ansible Module
self.module.fail_json(msg="Please specify either {} id or display_name"
" for the resource {}".format(
attr_name, str(resource_type)))
def exit_with_failure(self, msg, **kwargs):
self.module.fail_json(msg=msg, **kwargs)
def skip_delete(self):
"""
Override in subclass if this resource is skipped to be deleted.
Note that the children of this resource will still be deleted unless
they override this method as well.
"""
return False
@classmethod
def is_required_in_spec(cls):
"""
Override in subclass if this resource is optional to be specified
in the ansible playbook.
"""
return False
@classmethod
def allows_multiple_resource_spec(cls):
"""
Override in the resource class definition with False if only one
resource can be associated with the parent. By default, we accept
multiple
"""
return True
def _get_id_using_attr_name(self, attr_name, params,
resource_base_url, resource_type,
ignore_not_found_error=True):
# Pass attr_name '' or None to infer base resource's ID
id_identifier = 'id'
display_name_identifier = 'display_name'
if attr_name:
id_identifier = attr_name + "_id"
display_name_identifier = attr_name + "_display_name"
if id_identifier in params and params[id_identifier]:
return params.pop(id_identifier)
if (display_name_identifier in params and
params[display_name_identifier]):
resource_display_name = params.pop(display_name_identifier)
# Use display_name as ID if ID is not specified.
return (self.get_id_from_display_name(
resource_base_url, resource_display_name, resource_type,
ignore_not_found_error) or resource_display_name)
def get_id_from_display_name(self, resource_base_url,
resource_display_name,
resource_type, ignore_not_found_error=True):
try:
# Get the id from the Manager
(_, resp) = self._send_request_to_API(
resource_base_url=resource_base_url)
matched_resource = None
for resource in resp['results']:
if (resource.__contains__('display_name') and
resource['display_name'] == resource_display_name):
if matched_resource is None:
matched_resource = resource
else:
# Multiple resources with same display_name!
# Ask the user to specify ID instead.
self.module.fail_json(
msg="Multiple {} found with display_name {}. "
"Please specify the resource using id in "
"the playbook.".format(resource_type,
resource_display_name))
if matched_resource is not None:
return matched_resource['id']
else:
if ignore_not_found_error:
return None
else:
# No resource found with this display_name
self.module.fail_json(
msg="No {} found with display_name {} for the "
"specified configuration.".format(
resource_type, resource_display_name))
except Exception as e:
# Manager replied with invalid URL. It means that the resource
# does not exist on the Manager. So, return the display_name
return resource_display_name
def _update_parent_info(self):
# This update is always performed and should not be overriden by the
# subresource's class
self._parent_info["_parent"] = self
def _make_ansible_arg_spec(self, supports_check_mode=True):
"""
We read the arg_spec of all the resources associated that
are associated with this resource and create one complete
arg_spec.
"""
if self.get_resource_name() in BASE_RESOURCES:
self._arg_spec = {}
# Update it with VMware arg spec
self._arg_spec.update(
PolicyCommunicator.get_vmware_argument_spec())
# ... then update it with top most resource spec ...
self._update_arg_spec_with_resource(
self.resource_class, self._arg_spec)
# Update with all sub-resources arg spec
for sub_resources_class in self._get_sub_resources_class_of(
self.resource_class):
self._update_arg_spec_with_all_resources(
sub_resources_class, self._arg_spec)
def _update_arg_spec_with_resource(self, resource_class, arg_spec):
# updates _arg_spec with resource_class's arg_spec
resource_arg_spec = self._get_base_arg_spec_of_resource()
resource_arg_spec.update(self._get_base_arg_spec_of_nsx_resource())
resource_arg_spec.update(resource_class.get_resource_spec())
if resource_class.__name__ not in BASE_RESOURCES:
arg_spec.update(
{
resource_class.get_spec_identifier(): dict(
options=resource_arg_spec,
required=resource_class.is_required_in_spec(),
type='dict',
)
})
if resource_class.allows_multiple_resource_spec():
arg_spec[resource_class.get_spec_identifier()]['type'] = 'list'
arg_spec[resource_class.get_spec_identifier()]['elements'] = (
'dict')
else:
arg_spec.update(resource_arg_spec)
return resource_arg_spec
def _update_arg_spec_with_all_resources(self, resource_class, arg_spec):
# updates _arg_spec with resource_class's arg_spec and all it's
# sub-resources
resource_arg_spec = self._update_arg_spec_with_resource(
resource_class, arg_spec)
# go to each child of resource_class and update it
for sub_resources_class in self._get_sub_resources_class_of(
resource_class):
self._update_arg_spec_with_all_resources(
sub_resources_class, resource_arg_spec)
def _get_base_arg_spec_of_nsx_resource(self):
resource_base_arg_spec = {}
resource_base_arg_spec.update(
# these are the base args for any NSXT Resource
display_name=dict(
required=False,
type='str'
),
description=dict(
required=False,
type='str'
),
tags=dict(
required=False,
type='list',
elements='dict',
options=dict(
scope=dict(
required=True,
type='str'
),
tag=dict(
required=True,
type='str'
)
)
)
)
return resource_base_arg_spec
def _get_base_arg_spec_of_resource(self):
resource_base_arg_spec = {}
resource_base_arg_spec.update(
id=dict(
type='str'
),
state=dict(
required=True,
type='str',
choices=['present', 'absent']
),
create_or_update_subresource_first=dict(
default=False,
type='bool'
),
delete_subresource_first=dict(
default=True,
type='bool'
),
achieve_subresource_state_if_del_parent=dict(
default=False,
type='bool'
),
do_wait_till_create=dict(
default=False,
type='bool'
)
)
return resource_base_arg_spec
def _extract_nsx_resource_params(self, resource_params):
# extract the params belonging to this resource only.
filtered_params = {}
def filter_with_spec(spec):
for key in spec.keys():
if (key in resource_params and
resource_params[key] is not None):
filtered_params[key] = resource_params[key]
filter_with_spec(self.get_resource_spec())
filter_with_spec(self._get_base_arg_spec_of_nsx_resource())
return filtered_params
def _achieve_present_state(self, successful_resource_exec_logs):
self.update_resource_params(self.nsx_resource_params)
is_resource_updated = self.check_for_update(
self.existing_resource, self.nsx_resource_params)
if not is_resource_updated:
# Either the resource does not exist or it exists but was not
# updated in the YAML.
if self.module.check_mode:
successful_resource_exec_logs.append({
"changed": True,
"debug_out": self.resource_params,
"id": '12345',
"resource_type": self.get_resource_name()
})
return
try:
if self.existing_resource:
# Resource already exists
successful_resource_exec_logs.append({
"changed": False,
"id": self.id,
"message": "%s with id %s already exists." %
(self.get_resource_name(), self.id),
"resource_type": self.get_resource_name()
})
return
# Create a new resource
_, resp = self._send_request_to_API(
suffix="/" + self.id, method='PATCH',
data=self.nsx_resource_params)
if self.do_wait_till_create() and not self._wait_till_create():
raise Exception
successful_resource_exec_logs.append({
"changed": True,
"id": self.id,
"body": str(resp),
"message": "%s with id %s created." %
(self.get_resource_name(), self.id),
"resource_type": self.get_resource_name()
})
except Exception as err:
srel = successful_resource_exec_logs
self.module.fail_json(msg="Failed to add %s with id %s."
"Request body [%s]. Error[%s]."
% (self.get_resource_name(),
self.id, self.nsx_resource_params,
to_native(err)
),
successfully_updated_resources=srel)
else:
# The resource exists and was updated in the YAML.
if self.module.check_mode:
successful_resource_exec_logs.append({
"changed": True,
"debug_out": self.resource_params,
"id": self.id,
"resource_type": self.get_resource_name()
})
return
self.nsx_resource_params['_revision'] = \
self.existing_resource['_revision']
try:
_, resp = self._send_request_to_API(
suffix="/"+self.id, method="PATCH",
data=self.nsx_resource_params)
successful_resource_exec_logs.append({
"changed": True,
"id": self.id,
"body": str(resp),
"message": "%s with id %s updated." %
(self.get_resource_name(), self.id),
"resource_type": self.get_resource_name()
})
except Exception as err:
srel = successful_resource_exec_logs
self.module.fail_json(msg="Failed to update %s with id %s."
"Request body [%s]. Error[%s]." %
(self.get_resource_name(), self.id,
self.nsx_resource_params, to_native(
err)
),
successfully_updated_resources=srel)
def _achieve_absent_state(self, successful_resource_exec_logs):
if self.skip_delete():
return
if self.existing_resource is None:
successful_resource_exec_logs.append({
"changed": False,
"msg": 'No %s exist with id %s' %
(self.get_resource_name(), self.id),
"resource_type": self.get_resource_name()
})
return
if self.module.check_mode:
successful_resource_exec_logs.append({
"changed": True,
"debug_out": self.resource_params,
"id": self.id,
"resource_type": self.get_resource_name()
})
return
try:
self._send_request_to_API("/" + self.id, method='DELETE')
self._wait_till_delete()
successful_resource_exec_logs.append({
"changed": True,
"id": self.id,
"message": "%s with id %s deleted." %
(self.get_resource_name(), self.id)
})
except Exception as err:
srel = successful_resource_exec_logs
self.module.fail_json(msg="Failed to delete %s with id %s. "
"Error[%s]." % (self.get_resource_name(),
self.id, to_native(err)),
successfully_updated_resources=srel)
def _send_request_to_API(self, suffix="", ignore_error=False,
method='GET', data=None,
resource_base_url=None,
accepted_error_codes=set()):
try:
if not resource_base_url:
if self.get_resource_name() not in BASE_RESOURCES:
resource_base_url = (self.resource_class.
get_resource_base_url(
parent_info=self._parent_info))
else:
resource_base_url = (self.resource_class.
get_resource_base_url(
baseline_args=self.baseline_args))
(rc, resp) = self.policy_communicator.request(
resource_base_url + suffix,
ignore_errors=ignore_error, method=method, data=data)
return (rc, resp)
except DuplicateRequestError:
self.module.fail_json(msg='Duplicate request')
except Exception as e:
if (e.args[0] not in accepted_error_codes and
self.get_resource_name() in BASE_RESOURCES):
msg = ('Received {} from NSX Manager. Please try '
'again. '.format(e.args[0]))
if len(e.args) == 2 and e.args[1] and (
'error_message' in e.args[1]):
msg += e.args[1]['error_message']
self.module.fail_json(msg=msg)
raise e
def _achieve_state(self, resource_params,
successful_resource_exec_logs=[]):
"""
Achieves `present` or `absent` state as specified in the YAML.
"""
if self.id == self.INCORRECT_ARGUMENT_NAME_VALUE:
# The resource was not specified in the YAML.
# So, no need to realize it.
return
if (self._state == "present" and
self.create_or_update_subresource_first()):
self.achieve_subresource_state(
resource_params, successful_resource_exec_logs)
if self._state == "absent" and self.delete_subresource_first():
self.achieve_subresource_state(
resource_params, successful_resource_exec_logs)
if self._state == 'present':
self._achieve_present_state(
successful_resource_exec_logs)
else:
self._achieve_absent_state(successful_resource_exec_logs)
if self._state == "present" and not (
self.create_or_update_subresource_first()):
self.achieve_subresource_state(
resource_params,
successful_resource_exec_logs=successful_resource_exec_logs)
if self._state == "absent" and not self.delete_subresource_first():
self.achieve_subresource_state(
resource_params, successful_resource_exec_logs)
if self.get_resource_name() in BASE_RESOURCES:
changed = False
for successful_resource_exec_log in successful_resource_exec_logs:
if successful_resource_exec_log["changed"]:
changed = True
break
srel = successful_resource_exec_logs
self.module.exit_json(changed=changed,
successfully_updated_resources=srel)
def _get_sub_resources_class_of(self, resource_class):
subresources = []
for attr in resource_class.__dict__.values():
if (inspect.isclass(attr) and
issubclass(attr, NSXTBaseRealizableResource)):
subresources.append(attr)
if hasattr(self, "_state") and self._state == "present":
subresources.sort(key=lambda subresource:
subresource().get_resource_update_priority(),
reverse=True)
else:
subresources.sort(key=lambda subresource:
subresource().get_resource_update_priority(),
reverse=False)
for subresource in subresources:
yield subresource
def _wait_till_delete(self):
"""
Periodically checks if the resource still exists on the API server
every 10 seconds. Returns after it has been deleted.
"""
while True:
try:
self._send_request_to_API(
"/" + self.id, accepted_error_codes=set([404]))
time.sleep(10)
except DuplicateRequestError:
self.module.fail_json(msg='Duplicate request')
except Exception:
return
def _wait_till_create(self):
FAILED_STATES = ["failed"]
IN_PROGRESS_STATES = ["pending", "in_progress"]
SUCCESS_STATES = ["partial_success", "success"]
try:
count = 0
while True:
rc, resp = self._send_request_to_API(
"/" + self.id, accepted_error_codes=set([404]))
if 'state' in resp:
if any(resp['state'] in progress_status for progress_status
in IN_PROGRESS_STATES):
time.sleep(10)
count = count + 1
if count == 90:
# Wait for max 15 minutes for host to realize
return False
elif any(resp['state'] in progress_status for
progress_status in SUCCESS_STATES):
return True
else:
# Failed State
return False
else:
if rc != 200:
time.sleep(1)
count = count + 1
if count == 90:
# Wait for max 15 minutes for host to realize
return False
else:
return True
except Exception as err:
return False
def _fill_missing_resource_params(self, existing_params, resource_params):
"""
resource_params: dict
existing_params: dict
Fills resource_params with the key:value from existing_params if
missing in the former.
"""
if not existing_params:
return
for k, v in existing_params.items():
if k not in resource_params:
resource_params[k] = v
elif type(v).__name__ == 'dict':
self._fill_missing_resource_params(v, resource_params[k])
def main():
""" Main entry point for Ansible module execution.
"""
results = {}
argument_spec = rubrik_argument_spec
# Start Parameters
argument_spec.update(
dict(url=dict(required=True),
wait_for_completion=dict(required=False,
type='bool',
default=True),
timeout=dict(required=False, type='int', default=15)))
# End Parameters
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=False)
if sdk_present is False:
module.fail_json(
msg=
"The Rubrik Python SDK is required for this module (pip install rubrik_cdm)."
)
load_provider_variables(module)
ansible = module.params
try:
rubrik = rubrik_cdm.Connect()
except SystemExit as error:
if "has not been provided" in str(error):
try:
ansible["node_ip"]
ansible["username"]
ansible["password"]
except KeyError:
module.fail_json(
msg=
"Error: The Rubrik login credentials are missing. Verify the correct env vars are present or provide them through the provider param."
)
else:
module.fail_json(msg=str(error))
try:
rubrik = rubrik_cdm.Connect(ansible['node_ip'],
ansible['username'],
ansible['password'])
except SystemExit as error:
module.fail_json(msg=str(error))
try:
api_request = rubrik.job_status(ansible["url"],
ansible["wait_for_completion"],
ansible["timeout"])
except SystemExit as error:
module.fail_json(msg=str(error))
results["changed"] = False
results["response"] = api_request
module.exit_json(**results)
def main():
argument_spec = dict(
gather_subset=dict(default=['!config'], type='list')
)
argument_spec.update(vyos_argument_spec)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
warnings = list()
check_args(module, warnings)
gather_subset = module.params['gather_subset']
runable_subsets = set()
exclude_subsets = set()
for subset in gather_subset:
if subset == 'all':
runable_subsets.update(VALID_SUBSETS)
continue
if subset.startswith('!'):
subset = subset[1:]
if subset == 'all':
exclude_subsets.update(VALID_SUBSETS)
continue
exclude = True
else:
exclude = False
if subset not in VALID_SUBSETS:
module.fail_json(msg='Subset must be one of [%s], got %s' %
(', '.join(VALID_SUBSETS), subset))
if exclude:
exclude_subsets.add(subset)
else:
runable_subsets.add(subset)
if not runable_subsets:
runable_subsets.update(VALID_SUBSETS)
runable_subsets.difference_update(exclude_subsets)
runable_subsets.add('default')
facts = dict()
facts['gather_subset'] = list(runable_subsets)
instances = list()
for key in runable_subsets:
instances.append(FACT_SUBSETS[key](module))
for inst in instances:
inst.populate()
facts.update(inst.facts)
ansible_facts = dict()
for key, value in iteritems(facts):
key = 'ansible_net_%s' % key
ansible_facts[key] = value
module.exit_json(ansible_facts=ansible_facts, warnings=warnings)
def main():
argument_spec = ovirt_full_argument_spec(
state=dict(
choices=['present', 'absent'],
default='present',
),
name=dict(aliases=['host'], required=True),
bond=dict(default=None, type='dict'),
interface=dict(default=None),
networks=dict(default=None, type='list'),
labels=dict(default=None, type='list'),
check=dict(default=None, type='bool'),
save=dict(default=True, type='bool'),
sync_networks=dict(default=False, type='bool'),
)
module = AnsibleModule(argument_spec=argument_spec)
check_sdk(module)
try:
auth = module.params.pop('auth')
connection = create_connection(auth)
hosts_service = connection.system_service().hosts_service()
host_networks_module = HostNetworksModule(
connection=connection,
module=module,
service=hosts_service,
)
host = host_networks_module.search_entity()
if host is None:
raise Exception("Host '%s' was not found." % module.params['name'])
bond = module.params['bond']
interface = module.params['interface']
networks = module.params['networks']
labels = module.params['labels']
nic_name = bond.get('name') if bond else module.params['interface']
host_service = hosts_service.host_service(host.id)
nics_service = host_service.nics_service()
nic = search_by_name(nics_service, nic_name)
if module.params["sync_networks"]:
if needs_sync(nics_service):
if not module.check_mode:
host_service.sync_all_networks()
host_networks_module.changed = True
network_names = [network['name'] for network in networks or []]
state = module.params['state']
if (
state == 'present' and
(nic is None or host_networks_module.has_update(nics_service.service(nic.id)))
):
# Remove networks which are attached to different interface then user want:
attachments_service = host_service.network_attachments_service()
# Append attachment ID to network if needs update:
for a in attachments_service.list():
current_network_name = get_link_name(connection, a.network)
if current_network_name in network_names:
for n in networks:
if n['name'] == current_network_name:
n['id'] = a.id
# Check if we have to break some bonds:
removed_bonds = []
if nic is not None:
for host_nic in nics_service.list():
if host_nic.bonding and nic.id in [slave.id for slave in host_nic.bonding.slaves]:
removed_bonds.append(otypes.HostNic(id=host_nic.id))
# Assign the networks:
setup_params = dict(
entity=host,
action='setup_networks',
check_connectivity=module.params['check'],
removed_bonds=removed_bonds if removed_bonds else None,
modified_bonds=[
otypes.HostNic(
name=bond.get('name'),
bonding=otypes.Bonding(
options=get_bond_options(bond.get('mode'), bond.get('options')),
slaves=[
otypes.HostNic(name=i) for i in bond.get('interfaces', [])
],
),
),
] if bond else None,
modified_labels=[
otypes.NetworkLabel(
id=str(name),
host_nic=otypes.HostNic(
name=bond.get('name') if bond else interface
),
) for name in labels
] if labels else None,
modified_network_attachments=[
otypes.NetworkAttachment(
id=network.get('id'),
network=otypes.Network(
name=network['name']
) if network['name'] else None,
host_nic=otypes.HostNic(
name=bond.get('name') if bond else interface
),
ip_address_assignments=[
otypes.IpAddressAssignment(
assignment_method=otypes.BootProtocol(
network.get('boot_protocol', 'none')
),
ip=otypes.Ip(
address=network.get('address'),
gateway=network.get('gateway'),
netmask=network.get('netmask'),
version=otypes.IpVersion(
network.get('version')
) if network.get('version') else None,
),
),
],
properties=[
otypes.Property(
name=prop.get('name'),
value=prop.get('value')
) for prop in network.get('custom_properties')
]
) for network in networks
] if networks else None,
)
if engine_supported(connection, '4.3'):
setup_params['commit_on_success'] = module.params['save']
elif module.params['save']:
setup_params['post_action'] = host_networks_module._action_save_configuration
host_networks_module.action(**setup_params)
elif state == 'absent' and nic:
attachments = []
nic_service = nics_service.nic_service(nic.id)
attached_labels = set([str(lbl.id) for lbl in nic_service.network_labels_service().list()])
if networks:
attachments_service = nic_service.network_attachments_service()
attachments = attachments_service.list()
attachments = [
attachment for attachment in attachments
if get_link_name(connection, attachment.network) in network_names
]
# Remove unmanaged networks:
unmanaged_networks_service = host_service.unmanaged_networks_service()
unmanaged_networks = [(u.id, u.name) for u in unmanaged_networks_service.list()]
for net_id, net_name in unmanaged_networks:
if net_name in network_names:
if not module.check_mode:
unmanaged_networks_service.unmanaged_network_service(net_id).remove()
host_networks_module.changed = True
# Need to check if there are any labels to be removed, as backend fail
# if we try to send remove non existing label, for bond and attachments it's OK:
if (labels and set(labels).intersection(attached_labels)) or bond or attachments:
setup_params = dict(
entity=host,
action='setup_networks',
check_connectivity=module.params['check'],
removed_bonds=[
otypes.HostNic(
name=bond.get('name'),
),
] if bond else None,
removed_labels=[
otypes.NetworkLabel(id=str(name)) for name in labels
] if labels else None,
removed_network_attachments=attachments if attachments else None,
)
if engine_supported(connection, '4.3'):
setup_params['commit_on_success'] = module.params['save']
elif module.params['save']:
setup_params['post_action'] = host_networks_module._action_save_configuration
host_networks_module.action(**setup_params)
nic = search_by_name(nics_service, nic_name)
module.exit_json(**{
'changed': host_networks_module.changed,
'id': nic.id if nic else None,
'host_nic': get_dict_of_struct(nic),
})
except Exception as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
finally:
connection.close(logout=auth.get('token') is None)
class ElementSWVlan(object):
""" class to handle VLAN operations """
def __init__(self):
"""
Setup Ansible parameters and ElementSW connection
"""
self.argument_spec = netapp_utils.ontap_sf_host_argument_spec()
self.argument_spec.update(dict(
state=dict(required=False, choices=['present', 'absent'],
default='present'),
name=dict(required=False, type='str'),
vlan_tag=dict(required=True, type='str'),
svip=dict(required=False, type='str'),
netmask=dict(required=False, type='str'),
gateway=dict(required=False, type='str'),
namespace=dict(required=False, type='bool'),
attributes=dict(required=False, type='dict'),
address_blocks=dict(required=False, type='list')
))
self.module = AnsibleModule(
argument_spec=self.argument_spec,
supports_check_mode=True
)
if HAS_SF_SDK is False:
self.module.fail_json(msg="Unable to import the SolidFire Python SDK")
else:
self.elem = netapp_utils.create_sf_connection(module=self.module)
self.na_helper = NetAppModule()
self.parameters = self.na_helper.set_parameters(self.module.params)
self.elementsw_helper = NaElementSWModule(self.sfe)
# add telemetry attributes
if self.parameters['attributes'] is not None:
self.parameters['attributes'].update(self.elementsw_helper.set_element_attributes(source='na_elementsw_vlan'))
else:
self.parameters['attributes'] = self.elementsw_helper.set_element_attributes(source='na_elementsw_vlan')
def validate_keys(self):
"""
Validate if all required keys are present before creating
"""
required_keys = ['address_blocks', 'svip', 'netmask', 'name']
if all(item in self.parameters.keys() for item in required_keys) is False:
self.module.fail_json(msg="One or more required fields %s for creating VLAN is missing"
% required_keys)
addr_blk_fields = ['start', 'size']
for address in self.parameters['address_blocks']:
if 'start' not in address or 'size' not in address:
self.module.fail_json(msg="One or more required fields %s for address blocks is missing"
% addr_blk_fields)
def create_network(self):
"""
Add VLAN
"""
try:
self.validate_keys()
create_params = self.parameters.copy()
for key in ['username', 'hostname', 'password', 'state', 'vlan_tag']:
del create_params[key]
self.elem.add_virtual_network(virtual_network_tag=self.parameters['vlan_tag'], **create_params)
except solidfire.common.ApiServerError as err:
self.module.fail_json(msg="Error creating VLAN %s"
% self.parameters['vlan_name'],
exception=to_native(err))
def delete_network(self):
"""
Remove VLAN
"""
try:
self.elem.remove_virtual_network(virtual_network_tag=self.parameters['vlan_tag'])
except solidfire.common.ApiServerError as err:
self.module.fail_json(msg="Error deleting VLAN %s"
% self.parameters['vlan_tag'],
exception=to_native(err))
def modify_network(self, modify):
"""
Modify the VLAN
"""
try:
self.elem.modify_virtual_network(virtual_network_tag=self.parameters['vlan_tag'], **modify)
except solidfire.common.ApiServerError as err:
self.module.fail_json(msg="Error modifying VLAN %s"
% self.parameters['vlan_tag'],
exception=to_native(err))
def get_network_details(self):
"""
Check existing VLANs
:return: vlan details if found, None otherwise
:type: dict
"""
vlans = self.elem.list_virtual_networks(virtual_network_tag=self.parameters['vlan_tag'])
vlan_details = dict()
for vlan in vlans.virtual_networks:
if vlan is not None:
vlan_details['name'] = vlan.name
vlan_details['address_blocks'] = list()
for address in vlan.address_blocks:
vlan_details['address_blocks'].append({
'start': address.start,
'size': address.size
})
vlan_details['svip'] = vlan.svip
vlan_details['gateway'] = vlan.gateway
vlan_details['netmask'] = vlan.netmask
vlan_details['namespace'] = vlan.namespace
vlan_details['attributes'] = vlan.attributes
return vlan_details
return None
def apply(self):
"""
Call create / delete / modify vlan methods
"""
network = self.get_network_details()
# calling helper to determine action
cd_action = self.na_helper.get_cd_action(network, self.parameters)
modify = self.na_helper.get_modified_attributes(network, self.parameters)
if cd_action == "create":
self.create_network()
elif cd_action == "delete":
self.delete_network()
elif modify:
self.modify_network(modify)
self.module.exit_json(changed=self.na_helper.changed)
def main():
module_args = oci_common_utils.get_common_arg_spec(
supports_create=True, supports_wait=True
)
module_args.update(
dict(
availability_domain=dict(type="str"),
backup_policy_id=dict(type="str"),
compartment_id=dict(type="str"),
defined_tags=dict(type="dict"),
display_name=dict(aliases=["name"], type="str"),
freeform_tags=dict(type="dict"),
kms_key_id=dict(type="str"),
size_in_gbs=dict(type="int"),
vpus_per_gb=dict(type="int"),
source_details=dict(
type="dict",
options=dict(
type=dict(
type="str",
required=True,
choices=["bootVolumeBackup", "bootVolume", "bootVolumeReplica"],
),
id=dict(type="str", required=True),
),
),
is_auto_tune_enabled=dict(type="bool"),
boot_volume_replicas=dict(
type="list",
elements="dict",
options=dict(
display_name=dict(aliases=["name"], type="str"),
availability_domain=dict(type="str", required=True),
),
),
boot_volume_id=dict(aliases=["id"], type="str"),
state=dict(type="str", default="present", choices=["present", "absent"]),
)
)
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
if not HAS_OCI_PY_SDK:
module.fail_json(msg="oci python sdk required for this module.")
resource_helper = ResourceHelper(
module=module,
resource_type="boot_volume",
service_client_class=BlockstorageClient,
namespace="core",
)
result = dict(changed=False)
if resource_helper.is_delete_using_name():
result = resource_helper.delete_using_name()
elif resource_helper.is_delete():
result = resource_helper.delete()
elif resource_helper.is_update_using_name():
result = resource_helper.update_using_name()
elif resource_helper.is_update():
result = resource_helper.update()
elif resource_helper.is_create():
result = resource_helper.create()
module.exit_json(**result)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(distribution_id=dict(required=False, type='str'),
invalidation_id=dict(required=False, type='str'),
origin_access_identity_id=dict(required=False, type='str'),
domain_name_alias=dict(required=False, type='str'),
all_lists=dict(required=False, default=False, type='bool'),
distribution=dict(required=False, default=False, type='bool'),
distribution_config=dict(required=False,
default=False,
type='bool'),
origin_access_identity=dict(required=False,
default=False,
type='bool'),
origin_access_identity_config=dict(required=False,
default=False,
type='bool'),
invalidation=dict(required=False, default=False, type='bool'),
streaming_distribution=dict(required=False,
default=False,
type='bool'),
streaming_distribution_config=dict(required=False,
default=False,
type='bool'),
list_origin_access_identities=dict(required=False,
default=False,
type='bool'),
list_distributions=dict(required=False,
default=False,
type='bool'),
list_distributions_by_web_acl_id=dict(required=False,
default=False,
type='bool'),
list_invalidations=dict(required=False,
default=False,
type='bool'),
list_streaming_distributions=dict(required=False,
default=False,
type='bool'),
summary=dict(required=False, default=False, type='bool')))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=False)
is_old_facts = module._name == 'cloudfront_facts'
if is_old_facts:
module.deprecate(
"The 'cloudfront_facts' module has been renamed to 'cloudfront_info', "
"and the renamed one no longer returns ansible_facts",
version='2.13')
if not HAS_BOTO3:
module.fail_json(msg='boto3 is required.')
service_mgr = CloudFrontServiceManager(module)
distribution_id = module.params.get('distribution_id')
invalidation_id = module.params.get('invalidation_id')
origin_access_identity_id = module.params.get('origin_access_identity_id')
web_acl_id = module.params.get('web_acl_id')
domain_name_alias = module.params.get('domain_name_alias')
all_lists = module.params.get('all_lists')
distribution = module.params.get('distribution')
distribution_config = module.params.get('distribution_config')
origin_access_identity = module.params.get('origin_access_identity')
origin_access_identity_config = module.params.get(
'origin_access_identity_config')
invalidation = module.params.get('invalidation')
streaming_distribution = module.params.get('streaming_distribution')
streaming_distribution_config = module.params.get(
'streaming_distribution_config')
list_origin_access_identities = module.params.get(
'list_origin_access_identities')
list_distributions = module.params.get('list_distributions')
list_distributions_by_web_acl_id = module.params.get(
'list_distributions_by_web_acl_id')
list_invalidations = module.params.get('list_invalidations')
list_streaming_distributions = module.params.get(
'list_streaming_distributions')
summary = module.params.get('summary')
aliases = []
result = {'cloudfront': {}}
facts = {}
require_distribution_id = (distribution or distribution_config
or invalidation or streaming_distribution
or streaming_distribution_config
or list_invalidations)
# set default to summary if no option specified
summary = summary or not (
distribution or distribution_config or origin_access_identity or
origin_access_identity_config or invalidation or streaming_distribution
or streaming_distribution_config or list_origin_access_identities
or list_distributions_by_web_acl_id or list_invalidations
or list_streaming_distributions or list_distributions)
# validations
if require_distribution_id and distribution_id is None and domain_name_alias is None:
module.fail_json(
msg=
'Error distribution_id or domain_name_alias have not been specified.'
)
if (invalidation and invalidation_id is None):
module.fail_json(msg='Error invalidation_id has not been specified.')
if (origin_access_identity or origin_access_identity_config
) and origin_access_identity_id is None:
module.fail_json(
msg='Error origin_access_identity_id has not been specified.')
if list_distributions_by_web_acl_id and web_acl_id is None:
module.fail_json(msg='Error web_acl_id has not been specified.')
# get distribution id from domain name alias
if require_distribution_id and distribution_id is None:
distribution_id = service_mgr.get_distribution_id_from_domain_name(
domain_name_alias)
if not distribution_id:
module.fail_json(
msg=
'Error unable to source a distribution id from domain_name_alias'
)
# set appropriate cloudfront id
if distribution_id and not list_invalidations:
facts = {distribution_id: {}}
aliases = service_mgr.get_aliases_from_distribution_id(distribution_id)
for alias in aliases:
facts.update({alias: {}})
if invalidation_id:
facts.update({invalidation_id: {}})
elif distribution_id and list_invalidations:
facts = {distribution_id: {}}
aliases = service_mgr.get_aliases_from_distribution_id(distribution_id)
for alias in aliases:
facts.update({alias: {}})
elif origin_access_identity_id:
facts = {origin_access_identity_id: {}}
elif web_acl_id:
facts = {web_acl_id: {}}
# get details based on options
if distribution:
facts_to_set = service_mgr.get_distribution(distribution_id)
if distribution_config:
facts_to_set = service_mgr.get_distribution_config(distribution_id)
if origin_access_identity:
facts[origin_access_identity_id].update(
service_mgr.get_origin_access_identity(origin_access_identity_id))
if origin_access_identity_config:
facts[origin_access_identity_id].update(
service_mgr.get_origin_access_identity_config(
origin_access_identity_id))
if invalidation:
facts_to_set = service_mgr.get_invalidation(distribution_id,
invalidation_id)
facts[invalidation_id].update(facts_to_set)
if streaming_distribution:
facts_to_set = service_mgr.get_streaming_distribution(distribution_id)
if streaming_distribution_config:
facts_to_set = service_mgr.get_streaming_distribution_config(
distribution_id)
if list_invalidations:
facts_to_set = {
'invalidations': service_mgr.list_invalidations(distribution_id)
}
if 'facts_to_set' in vars():
facts = set_facts_for_distribution_id_and_alias(
facts_to_set, facts, distribution_id, aliases)
# get list based on options
if all_lists or list_origin_access_identities:
facts[
'origin_access_identities'] = service_mgr.list_origin_access_identities(
)
if all_lists or list_distributions:
facts['distributions'] = service_mgr.list_distributions()
if all_lists or list_streaming_distributions:
facts[
'streaming_distributions'] = service_mgr.list_streaming_distributions(
)
if list_distributions_by_web_acl_id:
facts[
'distributions_by_web_acl_id'] = service_mgr.list_distributions_by_web_acl_id(
web_acl_id)
if list_invalidations:
facts['invalidations'] = service_mgr.list_invalidations(
distribution_id)
# default summary option
if summary:
facts['summary'] = service_mgr.summary()
result['changed'] = False
result['cloudfront'].update(facts)
if is_old_facts:
module.exit_json(msg="Retrieved CloudFront facts.",
ansible_facts=result)
else:
module.exit_json(msg="Retrieved CloudFront info.", **result)
if _private_true:
if _private_true:
try:
import ansible.module_utils.stillbogus as nope2
except ImportError:
raise
except ImportError:
nope2 = None
try:
# optional import from a valid collection with an invalid package
from ansible_collections.testns.testcoll.plugins.module_utils.bogus import collnope1
except ImportError:
collnope1 = None
try:
# optional import from a bogus collection
from ansible_collections.bogusns.boguscoll.plugins.module_utils.bogus import collnope2
except ImportError:
collnope2 = None
module = AnsibleModule(argument_spec={})
if not all([yep1, yep2, yep3]):
module.fail_json(msg='one or more existing optional imports did not resolve')
if any([fromnope1, fromnope2, nope1, nope2, collnope1, collnope2]):
module.fail_json(msg='one or more missing optional imports resolved unexpectedly')
module.exit_json(msg='all missing optional imports behaved as expected')
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"system_fortiguard": {
"required": False, "type": "dict", "default": None,
"options": {
"antispam_cache": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"antispam_cache_mpercent": {"required": False, "type": "int"},
"antispam_cache_ttl": {"required": False, "type": "int"},
"antispam_expiration": {"required": False, "type": "int"},
"antispam_force_off": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"antispam_license": {"required": False, "type": "int"},
"antispam_timeout": {"required": False, "type": "int"},
"auto_join_forticloud": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ddns_server_ip": {"required": False, "type": "str"},
"ddns_server_port": {"required": False, "type": "int"},
"load_balance_servers": {"required": False, "type": "int"},
"outbreak_prevention_cache": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"outbreak_prevention_cache_mpercent": {"required": False, "type": "int"},
"outbreak_prevention_cache_ttl": {"required": False, "type": "int"},
"outbreak_prevention_expiration": {"required": False, "type": "int"},
"outbreak_prevention_force_off": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"outbreak_prevention_license": {"required": False, "type": "int"},
"outbreak_prevention_timeout": {"required": False, "type": "int"},
"port": {"required": False, "type": "str",
"choices": ["53", "8888", "80"]},
"sdns_server_ip": {"required": False, "type": "str"},
"sdns_server_port": {"required": False, "type": "int"},
"service_account_id": {"required": False, "type": "str"},
"source_ip": {"required": False, "type": "str"},
"source_ip6": {"required": False, "type": "str"},
"update_server_location": {"required": False, "type": "str",
"choices": ["usa", "any"]},
"webfilter_cache": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"webfilter_cache_ttl": {"required": False, "type": "int"},
"webfilter_expiration": {"required": False, "type": "int"},
"webfilter_force_off": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"webfilter_license": {"required": False, "type": "int"},
"webfilter_timeout": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
class NetstreamExport(object):
"""Manage NetStream export"""
def __init__(self, argument_spec):
self.spec = argument_spec
self.module = None
self.__init_module__()
# NetStream export configuration parameters
self.type = self.module.params['type']
self.source_ip = self.module.params['source_ip']
self.host_ip = self.module.params['host_ip']
self.host_port = self.module.params['host_port']
self.host_vpn = self.module.params['host_vpn']
self.version = self.module.params['version']
self.as_option = self.module.params['as_option']
self.bgp_netxhop = self.module.params['bgp_nexthop']
self.state = self.module.params['state']
self.commands = list()
self.config = None
self.exist_conf = dict()
# state
self.changed = False
self.updates_cmd = list()
self.results = dict()
self.proposed = dict()
self.existing = dict()
self.end_state = dict()
def __init_module__(self):
"""init module"""
self.module = AnsibleModule(argument_spec=self.spec,
supports_check_mode=True)
def cli_load_config(self, commands):
"""load config by cli"""
if not self.module.check_mode:
load_config(self.module, commands)
def get_netstream_config(self):
"""get current netstream configuration"""
cmd = "display current-configuration | include ^netstream export"
rc, out, err = exec_command(self.module, cmd)
if rc != 0:
self.module.fail_json(msg=err)
config = str(out).strip()
return config
def get_existing(self):
"""get existing config"""
self.existing = dict(type=self.type,
source_ip=self.exist_conf['source_ip'],
host_ip=self.exist_conf['host_ip'],
host_port=self.exist_conf['host_port'],
host_vpn=self.exist_conf['host_vpn'],
version=self.exist_conf['version'],
as_option=self.exist_conf['as_option'],
bgp_nexthop=self.exist_conf['bgp_netxhop'])
def get_proposed(self):
"""get proposed config"""
self.proposed = dict(type=self.type,
source_ip=self.source_ip,
host_ip=self.host_ip,
host_port=self.host_port,
host_vpn=self.host_vpn,
version=self.version,
as_option=self.as_option,
bgp_nexthop=self.bgp_netxhop,
state=self.state)
def get_end_state(self):
"""get end config"""
self.get_config_data()
self.end_state = dict(type=self.type,
source_ip=self.exist_conf['source_ip'],
host_ip=self.exist_conf['host_ip'],
host_port=self.exist_conf['host_port'],
host_vpn=self.exist_conf['host_vpn'],
version=self.exist_conf['version'],
as_option=self.exist_conf['as_option'],
bgp_nexthop=self.exist_conf['bgp_netxhop'])
def show_result(self):
"""show result"""
self.results['changed'] = self.changed
self.results['proposed'] = self.proposed
self.results['existing'] = self.existing
self.results['end_state'] = self.end_state
if self.changed:
self.results['updates'] = self.updates_cmd
else:
self.results['updates'] = list()
self.module.exit_json(**self.results)
def cli_add_command(self, command, undo=False):
"""add command to self.update_cmd and self.commands"""
if undo and command.lower() not in ["quit", "return"]:
cmd = "undo " + command
else:
cmd = command
self.commands.append(cmd) # set to device
if command.lower() not in ["quit", "return"]:
if cmd not in self.updates_cmd:
self.updates_cmd.append(cmd) # show updates result
def config_nets_export_src_addr(self):
"""Configures the source address for the exported packets"""
if is_ipv4_addr(self.source_ip):
if self.type == 'ip':
cmd = "netstream export ip source %s" % self.source_ip
else:
cmd = "netstream export vxlan inner-ip source %s" % self.source_ip
else:
if self.type == 'ip':
cmd = "netstream export ip source ipv6 %s" % self.source_ip
else:
cmd = "netstream export vxlan inner-ip source ipv6 %s" % self.source_ip
if is_config_exist(self.config, cmd):
self.exist_conf['source_ip'] = self.source_ip
if self.state == 'present':
return
else:
undo = True
else:
if self.state == 'absent':
return
else:
undo = False
self.cli_add_command(cmd, undo)
def config_nets_export_host_addr(self):
"""Configures the destination IP address and destination UDP port number"""
if is_ipv4_addr(self.host_ip):
if self.type == 'ip':
cmd = 'netstream export ip host %s %s' % (self.host_ip,
self.host_port)
else:
cmd = 'netstream export vxlan inner-ip host %s %s' % (
self.host_ip, self.host_port)
else:
if self.type == 'ip':
cmd = 'netstream export ip host ipv6 %s %s' % (self.host_ip,
self.host_port)
else:
cmd = 'netstream export vxlan inner-ip host ipv6 %s %s' % (
self.host_ip, self.host_port)
if self.host_vpn:
cmd += " vpn-instance %s" % self.host_vpn
if is_config_exist(self.config, cmd):
self.exist_conf['host_ip'] = self.host_ip
self.exist_conf['host_port'] = self.host_port
if self.host_vpn:
self.exist_conf['host_vpn'] = self.host_vpn
if self.state == 'present':
return
else:
undo = True
else:
if self.state == 'absent':
return
else:
undo = False
self.cli_add_command(cmd, undo)
def config_nets_export_vxlan_ver(self):
"""Configures the version for the exported packets carrying VXLAN flexible flow statistics"""
cmd = 'netstream export vxlan inner-ip version 9'
if is_config_exist(self.config, cmd):
self.exist_conf['version'] = self.version
if self.state == 'present':
return
else:
undo = True
else:
if self.state == 'absent':
return
else:
undo = False
self.cli_add_command(cmd, undo)
def config_nets_export_ip_ver(self):
"""Configures the version number of the exported packets carrying IPv4 flow statistics"""
cmd = 'netstream export ip version %s' % self.version
if self.version == '5':
if self.as_option == 'origin':
cmd += ' origin-as'
elif self.as_option == 'peer':
cmd += ' peer-as'
else:
if self.as_option == 'origin':
cmd += ' origin-as'
elif self.as_option == 'peer':
cmd += ' peer-as'
if self.bgp_netxhop == 'enable':
cmd += ' bgp-nexthop'
if cmd == 'netstream export ip version 5':
cmd_tmp = "netstream export ip version"
if cmd_tmp in self.config:
if self.state == 'present':
self.cli_add_command(cmd, False)
else:
self.exist_conf['version'] = self.version
return
if is_config_exist(self.config, cmd):
self.exist_conf['version'] = self.version
self.exist_conf['as_option'] = self.as_option
self.exist_conf['bgp_netxhop'] = self.bgp_netxhop
if self.state == 'present':
return
else:
undo = True
else:
if self.state == 'absent':
return
else:
undo = False
self.cli_add_command(cmd, undo)
def config_netstream_export(self):
"""configure netstream export"""
if self.commands:
self.cli_load_config(self.commands)
self.changed = True
def check_params(self):
"""Check all input params"""
if not self.type:
self.module.fail_json(
msg='Error: The value of type cannot be empty.')
if self.host_port:
if not self.host_port.isdigit():
self.module.fail_json(msg='Error: Host port is invalid.')
if int(self.host_port) < 1 or int(self.host_port) > 65535:
self.module.fail_json(
msg='Error: Host port is not in the range from 1 to 65535.'
)
if self.host_vpn:
if self.host_vpn == '_public_':
self.module.fail_json(
msg='Error: The host vpn name _public_ is reserved.')
if len(self.host_vpn) < 1 or len(self.host_vpn) > 31:
self.module.fail_json(
msg=
'Error: The host vpn name length is not in the range from 1 to 31.'
)
if self.type == 'vxlan' and self.version == '5':
self.module.fail_json(
msg="Error: When type is vxlan, version must be 9.")
if self.type == 'ip' and self.version == '5' and self.bgp_netxhop == 'enable':
self.module.fail_json(
msg=
"Error: When type=ip and version=5, bgp_netxhop is not supported."
)
if (self.host_ip and not self.host_port) or (self.host_port
and not self.host_ip):
self.module.fail_json(
msg="Error: host_ip and host_port must both exist or not exist."
)
def get_config_data(self):
"""get configuration commands and current configuration"""
self.exist_conf['type'] = self.type
self.exist_conf['source_ip'] = None
self.exist_conf['host_ip'] = None
self.exist_conf['host_port'] = None
self.exist_conf['host_vpn'] = None
self.exist_conf['version'] = None
self.exist_conf['as_option'] = None
self.exist_conf['bgp_netxhop'] = 'disable'
self.config = self.get_netstream_config()
if self.type and self.source_ip:
self.config_nets_export_src_addr()
if self.type and self.host_ip and self.host_port:
self.config_nets_export_host_addr()
if self.type == 'vxlan' and self.version == '9':
self.config_nets_export_vxlan_ver()
if self.type == 'ip' and self.version:
self.config_nets_export_ip_ver()
def work(self):
"""execute task"""
self.check_params()
self.get_proposed()
self.get_config_data()
self.get_existing()
self.config_netstream_export()
self.get_end_state()
self.show_result()
def main():
"""entry point for module execution
"""
argument_spec = dict(
# { command: <str>, output: <str>, prompt: <str>, response: <str> }
commands=dict(type="list", required=True, elements="raw"),
wait_for=dict(type="list", aliases=["waitfor"], elements="str"),
match=dict(default="all", choices=["any", "all"]),
retries=dict(default=10, type="int"),
interval=dict(default=1, type="int"),
)
argument_spec.update(nxos_argument_spec)
module = AnsibleModule(
argument_spec=argument_spec, supports_check_mode=True
)
warnings = list()
result = {"changed": False, "warnings": warnings}
commands = parse_commands(module, warnings)
wait_for = module.params["wait_for"] or list()
try:
conditionals = [Conditional(c) for c in wait_for]
except AttributeError as exc:
module.fail_json(msg=to_text(exc))
retries = module.params["retries"]
interval = module.params["interval"]
match = module.params["match"]
while retries > 0:
responses = run_commands(module, commands)
for item in list(conditionals):
try:
if item(responses):
if match == "any":
conditionals = list()
break
conditionals.remove(item)
except FailedConditionalError as exc:
module.fail_json(msg=to_text(exc))
if not conditionals:
break
time.sleep(interval)
retries -= 1
if conditionals:
failed_conditions = [item.raw for item in conditionals]
msg = "One or more conditional statements have not been satisfied"
module.fail_json(msg=msg, failed_conditions=failed_conditions)
result.update(
{"stdout": responses, "stdout_lines": list(to_lines(responses))}
)
module.exit_json(**result)
def main():
argument_spec = openstack_full_argument_spec(
state=dict(default='present', choices=['absent', 'present']),
name=dict(required=True),
admin_state_up=dict(type='bool', default=True),
enable_snat=dict(type='bool'),
network=dict(default=None),
interfaces=dict(type='list', default=None),
external_fixed_ips=dict(type='list', default=None),
project=dict(default=None)
)
module_kwargs = openstack_module_kwargs()
module = AnsibleModule(argument_spec,
supports_check_mode=True,
**module_kwargs)
state = module.params['state']
name = module.params['name']
network = module.params['network']
project = module.params['project']
if module.params['external_fixed_ips'] and not network:
module.fail_json(msg='network is required when supplying external_fixed_ips')
sdk, cloud = openstack_cloud_from_module(module)
try:
if project is not None:
proj = cloud.get_project(project)
if proj is None:
module.fail_json(msg='Project %s could not be found' % project)
project_id = proj['id']
filters = {'tenant_id': project_id}
else:
project_id = None
filters = None
router = cloud.get_router(name, filters=filters)
net = None
if network:
net = cloud.get_network(network)
if not net:
module.fail_json(msg='network %s not found' % network)
# Validate and cache the subnet IDs so we can avoid duplicate checks
# and expensive API calls.
external_ids, subnet_internal_ids, internal_portids = _validate_subnets(module, cloud)
if module.check_mode:
module.exit_json(
changed=_system_state_change(cloud, module, router, net, subnet_internal_ids, internal_portids)
)
if state == 'present':
changed = False
if not router:
kwargs = _build_kwargs(cloud, module, router, net)
if project_id:
kwargs['project_id'] = project_id
router = cloud.create_router(**kwargs)
for int_s_id in subnet_internal_ids:
cloud.add_router_interface(router, subnet_id=int_s_id)
changed = True
# add interface by port id as well
for int_p_id in internal_portids:
cloud.add_router_interface(router, port_id=int_p_id)
changed = True
else:
if _needs_update(cloud, module, router, net, subnet_internal_ids, internal_portids):
kwargs = _build_kwargs(cloud, module, router, net)
updated_router = cloud.update_router(**kwargs)
# Protect against update_router() not actually
# updating the router.
if not updated_router:
changed = False
# On a router update, if any internal interfaces were supplied,
# just detach all existing internal interfaces and attach the new.
if internal_portids or subnet_internal_ids:
router = updated_router
ports = _router_internal_interfaces(cloud, router)
for port in ports:
cloud.remove_router_interface(router, port_id=port['id'])
if internal_portids:
external_ids, subnet_internal_ids, internal_portids = _validate_subnets(module, cloud)
for int_p_id in internal_portids:
cloud.add_router_interface(router, port_id=int_p_id)
changed = True
if subnet_internal_ids:
for s_id in subnet_internal_ids:
cloud.add_router_interface(router, subnet_id=s_id)
changed = True
module.exit_json(changed=changed,
router=router,
id=router['id'])
elif state == 'absent':
if not router:
module.exit_json(changed=False)
else:
# We need to detach all internal interfaces on a router before
# we will be allowed to delete it.
ports = _router_internal_interfaces(cloud, router)
router_id = router['id']
for port in ports:
cloud.remove_router_interface(router, port_id=port['id'])
cloud.delete_router(router_id)
module.exit_json(changed=True)
except sdk.exceptions.OpenStackCloudException as e:
module.fail_json(msg=str(e))
def main():
module = AnsibleModule(
argument_spec=dict(
binary_path=dict(type='path'),
state=dict(type='str',
default='present',
choices=['present', 'absent']),
plugin_path=dict(type='str', ),
plugin_name=dict(type='str', ),
# Helm options
context=dict(type='str',
aliases=['kube_context'],
fallback=(env_fallback, ['K8S_AUTH_CONTEXT'])),
kubeconfig=dict(type='path',
aliases=['kubeconfig_path'],
fallback=(env_fallback, ['K8S_AUTH_KUBECONFIG'])),
# Generic auth key
host=dict(type='str', fallback=(env_fallback, ['K8S_AUTH_HOST'])),
ca_cert=dict(type='path',
aliases=['ssl_ca_cert'],
fallback=(env_fallback, ['K8S_AUTH_SSL_CA_CERT'])),
validate_certs=dict(type='bool',
default=True,
aliases=['verify_ssl'],
fallback=(env_fallback,
['K8S_AUTH_VERIFY_SSL'])),
api_key=dict(type='str',
no_log=True,
fallback=(env_fallback, ['K8S_AUTH_API_KEY']))),
supports_check_mode=True,
required_if=[
("state", "present", ("plugin_path", )),
("state", "absent", ("plugin_name", )),
],
mutually_exclusive=[('plugin_name', 'plugin_path'),
("context", "ca_cert"),
("context", "validate_certs"),
("kubeconfig", "ca_cert"),
("kubeconfig", "validate_certs")],
)
bin_path = module.params.get('binary_path')
state = module.params.get('state')
if bin_path is not None:
helm_cmd_common = bin_path
else:
helm_cmd_common = 'helm'
helm_cmd_common = module.get_bin_path(helm_cmd_common, required=True)
helm_cmd_common += " plugin"
if state == 'present':
helm_cmd_common += " install %s" % module.params.get('plugin_path')
if not module.check_mode:
rc, out, err = run_helm(module,
helm_cmd_common,
fails_on_error=False)
else:
rc, out, err = (0, '', '')
if rc == 1 and 'plugin already exists' in err:
module.exit_json(failed=False,
changed=False,
msg="Plugin already exists",
command=helm_cmd_common,
stdout=out,
stderr=err,
rc=rc)
elif rc == 0:
module.exit_json(
failed=False,
changed=True,
msg="Plugin installed successfully",
command=helm_cmd_common,
stdout=out,
stderr=err,
rc=rc,
)
else:
module.fail_json(
msg="Failure when executing Helm command.",
command=helm_cmd_common,
stdout=out,
stderr=err,
rc=rc,
)
elif state == 'absent':
plugin_name = module.params.get('plugin_name')
rc, output, err = get_helm_plugin_list(module,
helm_bin=helm_cmd_common)
out = parse_helm_plugin_list(module, output=output.splitlines())
if not out:
module.exit_json(failed=False,
changed=False,
msg="Plugin not found or is already uninstalled",
command=helm_cmd_common + " list",
stdout=output,
stderr=err,
rc=rc)
found = False
for line in out:
if line[0] == plugin_name:
found = True
break
if not found:
module.exit_json(failed=False,
changed=False,
msg="Plugin not found or is already uninstalled",
command=helm_cmd_common + " list",
stdout=output,
stderr=err,
rc=rc)
helm_uninstall_cmd = "%s uninstall %s" % (helm_cmd_common, plugin_name)
if not module.check_mode:
rc, out, err = run_helm(module,
helm_uninstall_cmd,
fails_on_error=False)
else:
rc, out, err = (0, '', '')
if rc == 0:
module.exit_json(changed=True,
msg="Plugin uninstalled successfully",
command=helm_uninstall_cmd,
stdout=out,
stderr=err,
rc=rc)
module.fail_json(
msg="Failed to get Helm plugin uninstall",
command=helm_uninstall_cmd,
stdout=out,
stderr=err,
rc=rc,
)
def main():
""" main entry point for module execution
"""
argument_spec = dict(
src=dict(type='path'),
replace_src=dict(),
lines=dict(aliases=['commands'], type='list'),
parents=dict(type='list'),
before=dict(type='list'),
after=dict(type='list'),
match=dict(default='line', choices=['line', 'strict', 'exact',
'none']),
replace=dict(default='line', choices=['line', 'block', 'config']),
running_config=dict(aliases=['config']),
intended_config=dict(),
defaults=dict(type='bool', default=False),
backup=dict(type='bool', default=False),
save_when=dict(choices=['always', 'never', 'modified', 'changed'],
default='never'),
diff_against=dict(choices=['running', 'startup', 'intended']),
diff_ignore_lines=dict(type='list'),
# save is deprecated as of ans2.4, use save_when instead
save=dict(default=False, type='bool', removed_in_version='2.8'),
# force argument deprecated in ans2.2
force=dict(default=False, type='bool', removed_in_version='2.6'))
argument_spec.update(nxos_argument_spec)
mutually_exclusive = [('lines', 'src', 'replace_src'), ('parents', 'src'),
('save', 'save_when')]
required_if = [('match', 'strict', ['lines']),
('match', 'exact', ['lines']),
('replace', 'block', ['lines']),
('replace', 'config', ['replace_src']),
('diff_against', 'intended', ['intended_config'])]
module = AnsibleModule(argument_spec=argument_spec,
mutually_exclusive=mutually_exclusive,
required_if=required_if,
supports_check_mode=True)
warnings = list()
nxos_check_args(module, warnings)
result = {'changed': False, 'warnings': warnings}
config = None
try:
info = get_capabilities(module)
api = info.get('network_api', 'nxapi')
device_info = info.get('device_info', {})
os_platform = device_info.get('network_os_platform', '')
except ConnectionError:
api = ''
os_platform = ''
if api == 'cliconf' and module.params['replace'] == 'config':
if '9K' not in os_platform:
module.fail_json(
msg=
'replace: config is supported only on Nexus 9K series switches'
)
if module.params['replace_src']:
if module.params['replace'] != 'config':
module.fail_json(
msg='replace: config is required with replace_src')
if module.params['backup'] or (module._diff and
module.params['diff_against'] == 'running'):
contents = get_config(module)
config = NetworkConfig(indent=2, contents=contents)
if module.params['backup']:
result['__backup__'] = contents
if any((module.params['src'], module.params['lines'],
module.params['replace_src'])):
match = module.params['match']
replace = module.params['replace']
candidate = get_candidate(module)
if match != 'none' and replace != 'config':
config = get_running_config(module, config)
path = module.params['parents']
configobjs = candidate.difference(config,
match=match,
replace=replace,
path=path)
else:
configobjs = candidate.items
if configobjs:
commands = dumps(configobjs, 'commands').split('\n')
if module.params['before']:
commands[:0] = module.params['before']
if module.params['after']:
commands.extend(module.params['after'])
result['commands'] = commands
result['updates'] = commands
if not module.check_mode:
load_config(module, commands)
result['changed'] = True
running_config = module.params['running_config']
startup_config = None
diff_ignore_lines = module.params['diff_ignore_lines']
if module.params['save_when'] == 'always' or module.params['save']:
save_config(module, result)
elif module.params['save_when'] == 'modified':
output = execute_show_commands(
module, ['show running-config', 'show startup-config'])
running_config = NetworkConfig(indent=1,
contents=output[0],
ignore_lines=diff_ignore_lines)
startup_config = NetworkConfig(indent=1,
contents=output[1],
ignore_lines=diff_ignore_lines)
if running_config.sha1 != startup_config.sha1:
save_config(module, result)
elif module.params['save_when'] == 'changed' and result['changed']:
save_config(module, result)
if module._diff:
if not running_config:
output = execute_show_commands(module, 'show running-config')
contents = output[0]
else:
contents = running_config
# recreate the object in order to process diff_ignore_lines
running_config = NetworkConfig(indent=1,
contents=contents,
ignore_lines=diff_ignore_lines)
if module.params['diff_against'] == 'running':
if module.check_mode:
module.warn(
"unable to perform diff against running-config due to check mode"
)
contents = None
else:
contents = config.config_text
elif module.params['diff_against'] == 'startup':
if not startup_config:
output = execute_show_commands(module, 'show startup-config')
contents = output[0]
else:
contents = output[0]
contents = startup_config.config_text
elif module.params['diff_against'] == 'intended':
contents = module.params['intended_config']
if contents is not None:
base_config = NetworkConfig(indent=1,
contents=contents,
ignore_lines=diff_ignore_lines)
if running_config.sha1 != base_config.sha1:
if module.params['diff_against'] == 'intended':
before = running_config
after = base_config
elif module.params['diff_against'] in ('startup', 'running'):
before = base_config
after = running_config
result.update({
'changed': True,
'diff': {
'before': str(before),
'after': str(after)
}
})
module.exit_json(**result)
