138 lines
3.6 KiB
Python
138 lines
3.6 KiB
Python
#!/usr/bin/python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
# Copyright (c) 2016 IBM
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
DOCUMENTATION = r'''
|
|
---
|
|
module: identity_role
|
|
short_description: Manage a OpenStack identity (Keystone) role
|
|
author: OpenStack Ansible SIG
|
|
description:
|
|
- Create, update or delete a OpenStack identity (Keystone) role.
|
|
options:
|
|
description:
|
|
description:
|
|
- Role description.
|
|
type: str
|
|
domain_id:
|
|
description:
|
|
- Domain id to create the role in.
|
|
type: str
|
|
name:
|
|
description:
|
|
- Role name.
|
|
required: true
|
|
type: str
|
|
state:
|
|
description:
|
|
- Should the resource be present or absent.
|
|
choices: ['present', 'absent']
|
|
default: present
|
|
type: str
|
|
extends_documentation_fragment:
|
|
- openstack.cloud.openstack
|
|
'''
|
|
|
|
EXAMPLES = r'''
|
|
- name: Create a role named demo
|
|
openstack.cloud.identity_role:
|
|
cloud: mycloud
|
|
state: present
|
|
name: demo
|
|
|
|
- name: Delete the role named demo
|
|
openstack.cloud.identity_role:
|
|
cloud: mycloud
|
|
state: absent
|
|
name: demo
|
|
'''
|
|
|
|
RETURN = r'''
|
|
role:
|
|
description: Dictionary describing the identity role.
|
|
returned: On success when I(state) is C(present).
|
|
type: dict
|
|
contains:
|
|
description:
|
|
description: Description of the role resource
|
|
type: str
|
|
sample: role description
|
|
domain_id:
|
|
description: Domain to which the role belongs
|
|
type: str
|
|
sample: default
|
|
id:
|
|
description: Unique role ID.
|
|
type: str
|
|
sample: "677bfab34c844a01b88a217aa12ec4c2"
|
|
links:
|
|
description: Links for the role resource
|
|
type: list
|
|
name:
|
|
description: Role name.
|
|
type: str
|
|
sample: "demo"
|
|
'''
|
|
|
|
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
|
|
from ansible_collections.openstack.cloud.plugins.module_utils.resource import StateMachine
|
|
|
|
|
|
class IdentityRoleModule(OpenStackModule):
|
|
argument_spec = dict(
|
|
description=dict(),
|
|
domain_id=dict(),
|
|
name=dict(required=True),
|
|
state=dict(default='present', choices=['absent', 'present']),
|
|
)
|
|
|
|
module_kwargs = dict(
|
|
supports_check_mode=True
|
|
)
|
|
|
|
class _StateMachine(StateMachine):
|
|
def _find(self, attributes, **kwargs):
|
|
kwargs = dict((k, attributes[k])
|
|
for k in ['domain_id']
|
|
if k in attributes and attributes[k] is not None)
|
|
|
|
return self.find_function(attributes['name'], **kwargs)
|
|
|
|
def run(self):
|
|
sm = self._StateMachine(connection=self.conn,
|
|
service_name='identity',
|
|
type_name='role',
|
|
sdk=self.sdk)
|
|
|
|
kwargs = dict((k, self.params[k])
|
|
for k in ['state', 'timeout']
|
|
if self.params[k] is not None)
|
|
|
|
kwargs['attributes'] = \
|
|
dict((k, self.params[k])
|
|
for k in ['description', 'domain_id', 'name']
|
|
if self.params[k] is not None)
|
|
|
|
role, is_changed = sm(check_mode=self.ansible.check_mode,
|
|
updateable_attributes=None,
|
|
non_updateable_attributes=['domain_id'],
|
|
wait=False,
|
|
**kwargs)
|
|
|
|
if role is None:
|
|
self.exit_json(changed=is_changed)
|
|
else:
|
|
self.exit_json(changed=is_changed,
|
|
role=role.to_dict(computed=False))
|
|
|
|
|
|
def main():
|
|
module = IdentityRoleModule()
|
|
module()
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|