a31dcfa319
This change introduces several new modules that make up the bulk of the functionality required to port over the derived parameters functionality into an Ansible role. All modules will be tested within the derived params role, to be introduced in a follow on commit. > Documentation has been generated for the new modules. Change-Id: I19da74ff1b1b6a1e889e93d3fcad82918ad8a367 Signed-off-by: Kevin Carter <kecarter@redhat.com>
136 lines
3.6 KiB
Python
136 lines
3.6 KiB
Python
#!/usr/bin/python
|
|
# -*- coding: utf-8 -*-
|
|
# Copyright (c) 2018 OpenStack Foundation
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from __future__ import absolute_import
|
|
from __future__ import division
|
|
from __future__ import print_function
|
|
|
|
import yaml
|
|
|
|
from ansible.module_utils import tripleo_common_utils as tc
|
|
from ansible.module_utils.basic import AnsibleModule
|
|
from ansible.module_utils.openstack import openstack_full_argument_spec
|
|
from ansible.module_utils.openstack import openstack_module_kwargs
|
|
from ansible.module_utils.openstack import openstack_cloud_from_module
|
|
|
|
from tripleo_common.utils import plan as plan_utils
|
|
|
|
ANSIBLE_METADATA = {
|
|
'metadata_version': '1.1',
|
|
'status': ['preview'],
|
|
'supported_by': 'community'
|
|
}
|
|
|
|
DOCUMENTATION = '''
|
|
---
|
|
module: tripleo_passwords_rotate
|
|
|
|
short_description: Rotate Passwords
|
|
|
|
version_added: "2.8"
|
|
|
|
description:
|
|
- "Rotate Passwords."
|
|
|
|
options:
|
|
container:
|
|
description:
|
|
- Overcloud plan container name
|
|
default: overcloud
|
|
rotate_passwords:
|
|
description: flag for rotate passwords or not
|
|
default: true
|
|
type: bool
|
|
password_list:
|
|
description:
|
|
- Password list to be rotated
|
|
type: list
|
|
default: []
|
|
no_log: true
|
|
author:
|
|
- Rabi Mishra (@ramishra)
|
|
requirements: ["openstacksdk", "tripleo-common"]
|
|
'''
|
|
|
|
EXAMPLES = '''
|
|
- name: Rotate passwords and update plan
|
|
tripleo_password_rotate:
|
|
container: overcloud
|
|
rotate_passwords: true
|
|
password_list: []
|
|
'''
|
|
|
|
RETURN = '''
|
|
passwords:
|
|
description: Rotated passwords
|
|
returned: always
|
|
type: dict
|
|
no_log: true
|
|
'''
|
|
|
|
|
|
def run_module():
|
|
result = dict(
|
|
success=False,
|
|
changed=False,
|
|
error="",
|
|
passwords={}
|
|
)
|
|
|
|
argument_spec = openstack_full_argument_spec(
|
|
**yaml.safe_load(DOCUMENTATION)['options']
|
|
)
|
|
|
|
module = AnsibleModule(
|
|
argument_spec,
|
|
supports_check_mode=False,
|
|
**openstack_module_kwargs()
|
|
)
|
|
|
|
try:
|
|
container = module.params.get('container')
|
|
rotate_passwords = module.params.get('rotate_passwords')
|
|
password_list = module.params.get('password_list')
|
|
_, conn = openstack_cloud_from_module(module)
|
|
tripleo = tc.TripleOCommon(session=conn.session)
|
|
swift = tripleo.get_object_client()
|
|
heat = tripleo.get_orchestration_client()
|
|
rotated_passwords = plan_utils.generate_passwords(
|
|
swift, heat, container=container,
|
|
rotate_passwords=rotate_passwords,
|
|
rotate_pw_list=password_list)
|
|
result['success'] = True
|
|
result['passwords'] = rotated_passwords
|
|
result['changed'] = True
|
|
except Exception as err:
|
|
result['error'] = str(err)
|
|
result['msg'] = ("Error rotating passwords for plan %s: %s" % (
|
|
container, err))
|
|
module.fail_json(**result)
|
|
|
|
# in the event of a successful module execution, you will want to
|
|
# simple AnsibleModule.exit_json(), passing the key/value results
|
|
module.exit_json(**result)
|
|
|
|
|
|
def main():
|
|
run_module()
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|