add etcd3 lookup plugin (#127)
* add etcd3 lookup plugin
* retire version_added tag
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fix YAML syntax in example
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove python shebang as it is useless in Ansible lookup module
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/etcd3.py typo
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout
* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls
* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup
* extract etcd3 setup from existing etcd3 module integration test
* fix etcd3 module/lookup integration tests
* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests
* fix sanity issues
* add etcd3 lookup plugin
* retire version_added tag
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fix YAML syntax in example
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove python shebang as it is useless in Ansible lookup module
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/etcd3.py typo
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout
* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls
* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup
* extract etcd3 setup from existing etcd3 module integration test
* fix etcd3 module/lookup integration tests
* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests
* fix sanity issues
* changes:
- replace kwargs lookups with get_option()
- add 'entpoint' option for correct handling of ETCDCTL_ENDPOINTS env
- code simplification
* fix etcd3 lookup unit test:
replace LookupModule instanciation with lookup_loader
* fix sanity checks
* etcd3 changes:
- docstring documentation fixes/updates
- create etcd3 cnx object with a get_option() loop instead of copying 'private' class object
- set 'endpoints' option mutually exclusive with 'host' and 'port' (raises an AnsibleError exception)
* etcd3 changes:
- added ANSIBLE_METADATA,
- added default value for 'endpoints' option,
- removed defaults for options 'host' and 'port',
- fixed docstring links,
- added 'notes' and 'seealso' sections in doctring
- updated options code handling to reflect docstring's updates
* etcd3 changes:
- fix descriptions for endpoints, host, and port options
- update notes sections
- fix reference to etcd lookup plugin in seealso section
- fix return docstring
- remove useless logging
- obfuscates password in connection logging
* more pythonic lookup on dict keys
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update password obfuscation
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-04-25 10:58:06 +02:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
#
|
|
|
|
# (c) 2020, SCC France, Eric Belhomme <ebelhomme@fr.scc.com>
|
|
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
|
|
|
|
from __future__ import absolute_import, division, print_function
|
|
|
|
__metaclass__ = type
|
|
|
|
|
|
|
|
DOCUMENTATION = '''
|
|
|
|
author:
|
|
|
|
- Eric Belhomme <ebelhomme@fr.scc.com>
|
2020-06-13 15:01:19 +02:00
|
|
|
version_added: '0.2.0'
|
add etcd3 lookup plugin (#127)
* add etcd3 lookup plugin
* retire version_added tag
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fix YAML syntax in example
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove python shebang as it is useless in Ansible lookup module
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/etcd3.py typo
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout
* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls
* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup
* extract etcd3 setup from existing etcd3 module integration test
* fix etcd3 module/lookup integration tests
* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests
* fix sanity issues
* add etcd3 lookup plugin
* retire version_added tag
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fix YAML syntax in example
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove python shebang as it is useless in Ansible lookup module
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/etcd3.py typo
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout
* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls
* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup
* extract etcd3 setup from existing etcd3 module integration test
* fix etcd3 module/lookup integration tests
* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests
* fix sanity issues
* changes:
- replace kwargs lookups with get_option()
- add 'entpoint' option for correct handling of ETCDCTL_ENDPOINTS env
- code simplification
* fix etcd3 lookup unit test:
replace LookupModule instanciation with lookup_loader
* fix sanity checks
* etcd3 changes:
- docstring documentation fixes/updates
- create etcd3 cnx object with a get_option() loop instead of copying 'private' class object
- set 'endpoints' option mutually exclusive with 'host' and 'port' (raises an AnsibleError exception)
* etcd3 changes:
- added ANSIBLE_METADATA,
- added default value for 'endpoints' option,
- removed defaults for options 'host' and 'port',
- fixed docstring links,
- added 'notes' and 'seealso' sections in doctring
- updated options code handling to reflect docstring's updates
* etcd3 changes:
- fix descriptions for endpoints, host, and port options
- update notes sections
- fix reference to etcd lookup plugin in seealso section
- fix return docstring
- remove useless logging
- obfuscates password in connection logging
* more pythonic lookup on dict keys
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update password obfuscation
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-04-25 10:58:06 +02:00
|
|
|
lookup: etcd3
|
|
|
|
short_description: Get key values from etcd3 server
|
|
|
|
description:
|
|
|
|
- Retrieves key values and/or key prefixes from etcd3 server using its native gRPC API.
|
|
|
|
- Try to reuse M(etcd3) options for connection parameters, but add support for some C(ETCDCTL_*) environment variables.
|
|
|
|
- See U(https://github.com/etcd-io/etcd/tree/master/Documentation/op-guide) for etcd overview.
|
|
|
|
|
|
|
|
options:
|
|
|
|
_terms:
|
|
|
|
description:
|
|
|
|
- The list of keys (or key prefixes) to look up on the etcd3 server.
|
|
|
|
type: list
|
|
|
|
elements: str
|
|
|
|
required: True
|
|
|
|
prefix:
|
|
|
|
description:
|
|
|
|
- Look for key or prefix key.
|
|
|
|
type: bool
|
|
|
|
default: False
|
|
|
|
endpoints:
|
|
|
|
description:
|
|
|
|
- Counterpart of C(ETCDCTL_ENDPOINTS) enviroment variable.
|
|
|
|
Specify the etcd3 connection with and URL form eg. C(https://hostname:2379) or C(<host>:<port>) form.
|
|
|
|
- The C(host) part is overwritten by I(host) option, if defined.
|
|
|
|
- The C(port) part is overwritten by I(port) option, if defined.
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_ENDPOINTS
|
|
|
|
default: '127.0.0.1:2379'
|
|
|
|
type: str
|
|
|
|
host:
|
|
|
|
description:
|
|
|
|
- etcd3 listening client host.
|
|
|
|
- Takes precedence over I(endpoints).
|
|
|
|
type: str
|
|
|
|
port:
|
|
|
|
description:
|
|
|
|
- etcd3 listening client port.
|
|
|
|
- Takes precedence over I(endpoints).
|
|
|
|
type: int
|
|
|
|
ca_cert:
|
|
|
|
description:
|
|
|
|
- etcd3 CA authority.
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_CACERT
|
|
|
|
type: str
|
|
|
|
cert_cert:
|
|
|
|
description:
|
|
|
|
- etcd3 client certificate.
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_CERT
|
|
|
|
type: str
|
|
|
|
cert_key:
|
|
|
|
description:
|
|
|
|
- etcd3 client private key.
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_KEY
|
|
|
|
type: str
|
|
|
|
timeout:
|
|
|
|
description:
|
|
|
|
- Client timeout.
|
|
|
|
default: 60
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_DIAL_TIMEOUT
|
|
|
|
type: int
|
|
|
|
user:
|
|
|
|
description:
|
|
|
|
- Authentified user name.
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_USER
|
|
|
|
type: str
|
|
|
|
password:
|
|
|
|
description:
|
|
|
|
- Authentified user password.
|
|
|
|
env:
|
|
|
|
- name: ETCDCTL_PASSWORD
|
|
|
|
type: str
|
|
|
|
|
|
|
|
notes:
|
|
|
|
- I(host) and I(port) options take precedence over (endpoints) option.
|
|
|
|
- The recommanded way to connect to etcd3 server is using C(ETCDCTL_ENDPOINT)
|
|
|
|
environment variable and keep I(endpoints), I(host), and I(port) unused.
|
|
|
|
seealso:
|
2020-06-25 13:34:46 +02:00
|
|
|
- module: community.general.etcd3
|
add etcd3 lookup plugin (#127)
* add etcd3 lookup plugin
* retire version_added tag
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fix YAML syntax in example
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove python shebang as it is useless in Ansible lookup module
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/etcd3.py typo
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout
* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls
* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup
* extract etcd3 setup from existing etcd3 module integration test
* fix etcd3 module/lookup integration tests
* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests
* fix sanity issues
* add etcd3 lookup plugin
* retire version_added tag
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fix YAML syntax in example
Co-Authored-By: Felix Fontein <felix@fontein.de>
* typo fixes
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove python shebang as it is useless in Ansible lookup module
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/etcd3.py typo
Co-Authored-By: Felix Fontein <felix@fontein.de>
* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout
* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls
* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup
* extract etcd3 setup from existing etcd3 module integration test
* fix etcd3 module/lookup integration tests
* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests
* fix sanity issues
* changes:
- replace kwargs lookups with get_option()
- add 'entpoint' option for correct handling of ETCDCTL_ENDPOINTS env
- code simplification
* fix etcd3 lookup unit test:
replace LookupModule instanciation with lookup_loader
* fix sanity checks
* etcd3 changes:
- docstring documentation fixes/updates
- create etcd3 cnx object with a get_option() loop instead of copying 'private' class object
- set 'endpoints' option mutually exclusive with 'host' and 'port' (raises an AnsibleError exception)
* etcd3 changes:
- added ANSIBLE_METADATA,
- added default value for 'endpoints' option,
- removed defaults for options 'host' and 'port',
- fixed docstring links,
- added 'notes' and 'seealso' sections in doctring
- updated options code handling to reflect docstring's updates
* etcd3 changes:
- fix descriptions for endpoints, host, and port options
- update notes sections
- fix reference to etcd lookup plugin in seealso section
- fix return docstring
- remove useless logging
- obfuscates password in connection logging
* more pythonic lookup on dict keys
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update password obfuscation
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-04-25 10:58:06 +02:00
|
|
|
- ref: etcd_lookup
|
|
|
|
|
|
|
|
requirements:
|
|
|
|
- "etcd3 >= 0.10"
|
|
|
|
'''
|
|
|
|
|
|
|
|
EXAMPLES = '''
|
|
|
|
- name: "a value from a locally running etcd"
|
|
|
|
debug:
|
|
|
|
msg: "{{ lookup('community.general.etcd3', 'foo/bar') }}"
|
|
|
|
|
|
|
|
- name: "values from multiple folders on a locally running etcd"
|
|
|
|
debug:
|
|
|
|
msg: "{{ lookup('community.general.etcd3', 'foo', 'bar', 'baz') }}"
|
|
|
|
|
|
|
|
- name: "look for a key prefix"
|
|
|
|
debug:
|
|
|
|
msg: "{{ lookup('community.general.etcd3', '/foo/bar', prefix=True) }}"
|
|
|
|
|
|
|
|
- name: "connect to etcd3 with a client certificate"
|
|
|
|
debug:
|
|
|
|
msg: "{{ lookup('community.general.etcd3', 'foo/bar', cert_cert='/etc/ssl/etcd/client.pem', cert_key='/etc/ssl/etcd/client.key') }}"
|
|
|
|
'''
|
|
|
|
|
|
|
|
RETURN = '''
|
|
|
|
_raw:
|
|
|
|
description:
|
|
|
|
- List of keys and associated values.
|
|
|
|
type: list
|
|
|
|
elements: dict
|
|
|
|
contains:
|
|
|
|
key:
|
|
|
|
description: The element's key.
|
|
|
|
type: str
|
|
|
|
value:
|
|
|
|
description: The element's value.
|
|
|
|
type: str
|
|
|
|
'''
|
|
|
|
|
|
|
|
import re
|
|
|
|
|
|
|
|
from ansible.plugins.lookup import LookupBase
|
|
|
|
from ansible.utils.display import Display
|
|
|
|
from ansible.module_utils.basic import missing_required_lib
|
|
|
|
from ansible.module_utils._text import to_native
|
|
|
|
from ansible.plugins.lookup import LookupBase
|
|
|
|
from ansible.errors import AnsibleError, AnsibleLookupError
|
|
|
|
|
|
|
|
try:
|
|
|
|
import etcd3
|
|
|
|
HAS_ETCD = True
|
|
|
|
except ImportError:
|
|
|
|
HAS_ETCD = False
|
|
|
|
|
|
|
|
display = Display()
|
|
|
|
|
|
|
|
etcd3_cnx_opts = (
|
|
|
|
'host',
|
|
|
|
'port',
|
|
|
|
'ca_cert',
|
|
|
|
'cert_key',
|
|
|
|
'cert_cert',
|
|
|
|
'timeout',
|
|
|
|
'user',
|
|
|
|
'password',
|
|
|
|
# 'grpc_options' Etcd3Client() option currently not supported by lookup module (maybe in future ?)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
def etcd3_client(client_params):
|
|
|
|
try:
|
|
|
|
etcd = etcd3.client(**client_params)
|
|
|
|
etcd.status()
|
|
|
|
except Exception as exp:
|
|
|
|
raise AnsibleLookupError('Cannot connect to etcd cluster: %s' % (to_native(exp)))
|
|
|
|
return etcd
|
|
|
|
|
|
|
|
|
|
|
|
class LookupModule(LookupBase):
|
|
|
|
|
|
|
|
def run(self, terms, variables, **kwargs):
|
|
|
|
|
|
|
|
self.set_options(var_options=variables, direct=kwargs)
|
|
|
|
|
|
|
|
if not HAS_ETCD:
|
|
|
|
display.error(missing_required_lib('etcd3'))
|
|
|
|
return None
|
|
|
|
|
|
|
|
# create the etcd3 connection parameters dict to pass to etcd3 class
|
|
|
|
client_params = {}
|
|
|
|
|
|
|
|
# etcd3 class expects host and port as connection parameters, so endpoints
|
|
|
|
# must be mangled a bit to fit in this scheme.
|
|
|
|
# so here we use a regex to extract server and port
|
|
|
|
match = re.compile(
|
|
|
|
r'^(https?://)?(?P<host>(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})|([-_\d\w\.]+))(:(?P<port>\d{1,5}))?/?$'
|
|
|
|
).match(self.get_option('endpoints'))
|
|
|
|
if match:
|
|
|
|
if match.group('host'):
|
|
|
|
client_params['host'] = match.group('host')
|
|
|
|
if match.group('port'):
|
|
|
|
client_params['port'] = match.group('port')
|
|
|
|
|
|
|
|
for opt in etcd3_cnx_opts:
|
|
|
|
if self.get_option(opt):
|
|
|
|
client_params[opt] = self.get_option(opt)
|
|
|
|
|
|
|
|
cnx_log = dict(client_params)
|
|
|
|
if 'password' in cnx_log:
|
|
|
|
cnx_log['password'] = '<redacted>'
|
|
|
|
display.verbose("etcd3 connection parameters: %s" % cnx_log)
|
|
|
|
|
|
|
|
# connect to etcd3 server
|
|
|
|
etcd = etcd3_client(client_params)
|
|
|
|
|
|
|
|
ret = []
|
|
|
|
# we can pass many keys to lookup
|
|
|
|
for term in terms:
|
|
|
|
if self.get_option('prefix'):
|
|
|
|
try:
|
|
|
|
for val, meta in etcd.get_prefix(term):
|
|
|
|
if val and meta:
|
|
|
|
ret.append({'key': to_native(meta.key), 'value': to_native(val)})
|
|
|
|
except Exception as exp:
|
|
|
|
display.warning('Caught except during etcd3.get_prefix: %s' % (to_native(exp)))
|
|
|
|
else:
|
|
|
|
try:
|
|
|
|
val, meta = etcd.get(term)
|
|
|
|
if val and meta:
|
|
|
|
ret.append({'key': to_native(meta.key), 'value': to_native(val)})
|
|
|
|
except Exception as exp:
|
|
|
|
display.warning('Caught except during etcd3.get: %s' % (to_native(exp)))
|
|
|
|
return ret
|