1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules/manageiq_policies.py

176 lines
5.6 KiB
Python
Raw Permalink Normal View History

2020-03-09 10:11:07 +01:00
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright (c) 2017, Daniel Korn <korndaniel1@gmail.com>
# Copyright (c) 2017, Yaacov Zamir <yzamir@redhat.com>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
2020-03-09 10:11:07 +01:00
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
module: manageiq_policies
short_description: Management of resource policy_profiles in ManageIQ
2020-03-09 10:11:07 +01:00
extends_documentation_fragment:
- community.general.manageiq
- community.general.attributes
2020-03-09 10:11:07 +01:00
author: Daniel Korn (@dkorn)
description:
- The manageiq_policies module supports adding and deleting policy_profiles in ManageIQ.
attributes:
check_mode:
support: none
diff_mode:
support: none
2020-03-09 10:11:07 +01:00
options:
state:
type: str
2020-03-09 10:11:07 +01:00
description:
- V(absent) - policy_profiles should not exist,
- V(present) - policy_profiles should exist,
choices: ['absent', 'present']
2020-03-09 10:11:07 +01:00
default: 'present'
policy_profiles:
type: list
Tidy up sanity checks ignore lines modules (batch 7) (#1970) * fixed validation-modules for plugins/modules/cloud/heroku/heroku_collaborator.py * fixed validation-modules for plugins/modules/cloud/linode/linode_v4.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_provider.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_policies.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_alert_profiles.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_tags.py * fixed validation-modules for plugins/modules/cloud/opennebula/one_host.py * fixed validation-modules for plugins/modules/cloud/opennebula/one_image_info.py * fixed validation-modules for plugins/modules/cloud/opennebula/one_vm.py * fixed validation-modules for plugins/modules/cloud/scaleway/scaleway_lb.py * fixed validation-modules for plugins/modules/cloud/scaleway/scaleway_compute.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_network_set_info.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_ethernet_network_info.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_datacenter_info.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_enclosure_info.py * Tidy up sanity checks ignore lines modules (batch 7) * added changelog fragment * Missed a couple of lines in ingnore-2.11.txt * fixed validation-modules for plugins/modules/cloud/packet/packet_volume_attachment.py * Adjusted ignore files and changelog for packet_volume_attachment.py * Rolled back ignore line for linode module * Update plugins/modules/cloud/opennebula/one_image_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * fixes from the PR Co-authored-by: Felix Fontein <felix@fontein.de>
2021-03-08 08:35:09 +01:00
elements: dict
2020-03-09 10:11:07 +01:00
description:
- List of dictionaries, each includes the policy_profile V(name) key.
- Required if O(state) is V(present) or V(absent).
2020-03-09 10:11:07 +01:00
resource_type:
type: str
2020-03-09 10:11:07 +01:00
description:
- The type of the resource to which the profile should be [un]assigned.
2020-03-09 10:11:07 +01:00
required: true
choices: ['provider', 'host', 'vm', 'blueprint', 'category', 'cluster',
'data store', 'group', 'resource pool', 'service', 'service template',
'template', 'tenant', 'user']
resource_name:
type: str
2020-03-09 10:11:07 +01:00
description:
- The name of the resource to which the profile should be [un]assigned.
- Must be specified if O(resource_id) is not set. Both options are mutually exclusive.
resource_id:
type: int
description:
- The ID of the resource to which the profile should be [un]assigned.
- Must be specified if O(resource_name) is not set. Both options are mutually exclusive.
version_added: 2.2.0
2020-03-09 10:11:07 +01:00
'''
EXAMPLES = '''
- name: Assign new policy_profile for a provider in ManageIQ
community.general.manageiq_policies:
2020-03-09 10:11:07 +01:00
resource_name: 'EngLab'
resource_type: 'provider'
policy_profiles:
- name: openscap profile
manageiq_connection:
url: 'http://127.0.0.1:3000'
username: 'admin'
password: 'smartvm'
validate_certs: false # only do this when you trust the network!
2020-03-09 10:11:07 +01:00
- name: Unassign a policy_profile for a provider in ManageIQ
community.general.manageiq_policies:
2020-03-09 10:11:07 +01:00
state: absent
resource_name: 'EngLab'
resource_type: 'provider'
policy_profiles:
- name: openscap profile
manageiq_connection:
url: 'http://127.0.0.1:3000'
username: 'admin'
password: 'smartvm'
validate_certs: false # only do this when you trust the network!
2020-03-09 10:11:07 +01:00
'''
RETURN = '''
manageiq_policies:
description:
- List current policy_profile and policies for a provider in ManageIQ
returned: always
type: dict
sample: '{
"changed": false,
"profiles": [
{
"policies": [
{
"active": true,
"description": "OpenSCAP",
"name": "openscap policy"
},
{
"active": true,
"description": "Analyse incoming container images",
"name": "analyse incoming container images"
},
{
"active": true,
"description": "Schedule compliance after smart state analysis",
"name": "schedule compliance after smart state analysis"
}
],
"profile_description": "OpenSCAP profile",
"profile_name": "openscap profile"
}
]
}'
'''
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.general.plugins.module_utils.manageiq import ManageIQ, manageiq_argument_spec, manageiq_entities
def main():
actions = {'present': 'assign', 'absent': 'unassign'}
2020-03-09 10:11:07 +01:00
argument_spec = dict(
Tidy up sanity checks ignore lines modules (batch 7) (#1970) * fixed validation-modules for plugins/modules/cloud/heroku/heroku_collaborator.py * fixed validation-modules for plugins/modules/cloud/linode/linode_v4.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_provider.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_policies.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_alert_profiles.py * fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_tags.py * fixed validation-modules for plugins/modules/cloud/opennebula/one_host.py * fixed validation-modules for plugins/modules/cloud/opennebula/one_image_info.py * fixed validation-modules for plugins/modules/cloud/opennebula/one_vm.py * fixed validation-modules for plugins/modules/cloud/scaleway/scaleway_lb.py * fixed validation-modules for plugins/modules/cloud/scaleway/scaleway_compute.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_network_set_info.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_ethernet_network_info.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_datacenter_info.py * fixed validation-modules for plugins/modules/remote_management/oneview/oneview_enclosure_info.py * Tidy up sanity checks ignore lines modules (batch 7) * added changelog fragment * Missed a couple of lines in ingnore-2.11.txt * fixed validation-modules for plugins/modules/cloud/packet/packet_volume_attachment.py * Adjusted ignore files and changelog for packet_volume_attachment.py * Rolled back ignore line for linode module * Update plugins/modules/cloud/opennebula/one_image_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * fixes from the PR Co-authored-by: Felix Fontein <felix@fontein.de>
2021-03-08 08:35:09 +01:00
policy_profiles=dict(type='list', elements='dict'),
resource_id=dict(type='int'),
resource_name=dict(type='str'),
2020-03-09 10:11:07 +01:00
resource_type=dict(required=True, type='str',
choices=list(manageiq_entities().keys())),
2020-03-09 10:11:07 +01:00
state=dict(required=False, type='str',
choices=['present', 'absent'], default='present'),
2020-03-09 10:11:07 +01:00
)
# add the manageiq connection arguments to the arguments
argument_spec.update(manageiq_argument_spec())
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[["resource_id", "resource_name"]],
required_one_of=[["resource_id", "resource_name"]],
2020-03-09 10:11:07 +01:00
required_if=[
('state', 'present', ['policy_profiles']),
('state', 'absent', ['policy_profiles'])
],
)
policy_profiles = module.params['policy_profiles']
resource_id = module.params['resource_id']
2020-03-09 10:11:07 +01:00
resource_type_key = module.params['resource_type']
resource_name = module.params['resource_name']
state = module.params['state']
# get the action and resource type
action = actions[state]
resource_type = manageiq_entities()[resource_type_key]
manageiq = ManageIQ(module)
manageiq_policies = manageiq.policies(resource_id, resource_type, resource_name)
2020-03-09 10:11:07 +01:00
# assign or unassign the profiles
res_args = manageiq_policies.assign_or_unassign_profiles(policy_profiles, action)
2020-03-09 10:11:07 +01:00
module.exit_json(**res_args)
if __name__ == "__main__":
main()