def create(self,
files=None,
contents=None,
from_literal=None,
cert=None,
key=None,
force=False):
'''Create a secret '''
cmd = ['create', 'secret']
if self.type is not None:
cmd.append(self.type)
cmd.append(self.name)
if from_literal is not None:
cmd.extend(self.from_literal_to_params(from_literal))
elif self.type == 'tls':
certInput = '--cert=%s' % cert
keyInput = '--key=%s' % key
cmd.append(certInput)
cmd.append(keyInput)
else:
if not files:
files = Utils.create_tmp_files_from_contents(contents)
secrets = ["--from-file=%s" % (sfile['path']) for sfile in files]
cmd.extend(secrets)
results = self.openshift_cmd(cmd)
return results
def prep_secret(self, files=None, contents=None, force=False):
''' return what the secret would look like if created
This is accomplished by passing -ojson. This will most likely change in the future
'''
if not files:
files = Utils.create_tmp_files_from_contents(contents)
secrets = ["%s=%s" % (sfile['name'], sfile['path']) for sfile in files]
cmd = ['-ojson', 'secrets', 'new', self.name]
if self.type is not None:
cmd.extend(["--type=%s" % (self.type)])
if force:
cmd.append('--confirm')
cmd.extend(secrets)
return self.openshift_cmd(cmd, output=True)
def create(self, files=None, content=None):
'''
Create a config
NOTE: This creates the first file OR the first conent.
TODO: Handle all files and content passed in
'''
if files:
return self._create(files[0])
# The purpose of this change is twofold:
# - we need a check to only use the ruamel specific dumper if ruamel is loaded
# - the dumper or the flow style change is needed so openshift is able to parse
# the resulting yaml, at least until gopkg.in/yaml.v2 is updated
if hasattr(yaml, 'RoundTripDumper'):
content['data'] = yaml.dump(content['data'],
Dumper=yaml.RoundTripDumper)
else:
content['data'] = yaml.safe_dump(content['data'],
default_flow_style=False)
content_file = Utils.create_tmp_files_from_contents(content)[0]
return self._create(content_file['path'])
def run_ansible(params, check_mode):
'''run the oc_secret module'''
ocsecret = OCSecret(params['namespace'],
params['name'],
params['type'],
params['decode'],
oc_binary=params['oc_binary'],
verbose=params['debug'])
state = params['state']
api_rval = ocsecret.get()
#####
# Get
#####
if state == 'list':
return {
'changed': False,
'ansible_module_results': api_rval,
state: 'list'
}
if not params['name']:
return {
'failed': True,
'msg': 'Please specify a name when state is absent|present.'
}
########
# Delete
########
if state == 'absent':
if not Utils.exists(api_rval['results'], params['name']):
return {'changed': False, 'state': 'absent'}
if check_mode:
return {
'changed': True,
'msg': 'Would have performed a delete.'
}
api_rval = ocsecret.delete()
return {
'changed': True,
'ansible_module_results': api_rval,
'state': 'absent'
}
if state == 'present':
if params['files']:
files = params['files']
elif params['contents']:
files = Utils.create_tmp_files_from_contents(
params['contents'])
else:
files = [{'name': 'null', 'path': os.devnull}]
########
# Create
########
if not Utils.exists(api_rval['results'], params['name']):
if check_mode:
return {
'changed': True,
'msg': 'Would have performed a create.'
}
api_rval = ocsecret.create(files,
params['contents'],
params['from_literal'],
params['cert'],
params['key'],
force=params['force'])
# Remove files
if files and params['delete_after']:
Utils.cleanup([ftmp['path'] for ftmp in files])
if api_rval['returncode'] != 0:
return {'failed': True, 'msg': api_rval}
return {
'changed': True,
'ansible_module_results': api_rval,
'state': 'present'
}
########
# Update
########
# if update is set to false, return
update = params['update']
if not update:
return {
'changed': False,
'ansible_module_results': api_rval,
'state': state
}
secret = ocsecret.prep_secret(params['files'],
params['contents'],
force=params['force'])
if secret['returncode'] != 0:
return {'failed': True, 'msg': secret}
if Utils.check_def_equal(secret['results'],
api_rval['results'][0]):
# Remove files
if files and params['delete_after']:
Utils.cleanup([ftmp['path'] for ftmp in files])
return {
'changed': False,
'ansible_module_results': secret['results'],
'state': 'present'
}
if check_mode:
return {
'changed': True,
'msg': 'Would have performed an update.'
}
api_rval = ocsecret.update(files, force=params['force'])
# Remove files
if secret and params['delete_after']:
Utils.cleanup([ftmp['path'] for ftmp in files])
if api_rval['returncode'] != 0:
return {'failed': True, 'msg': api_rval}
return {
'changed': True,
'ansible_module_results': api_rval,
'state': 'present'
}
return {
'failed': True,
'changed': False,
'msg': 'Unknown state passed. %s' % state,
'state': 'unknown'
}