1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules/puppet.py

278 lines
8.3 KiB
Python
Raw Normal View History

2020-03-09 09:11:07 +00:00
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright (c) 2015, Hewlett-Packard Development Company, L.P.
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
2020-03-09 09:11:07 +00:00
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = r'''
---
module: puppet
short_description: Runs puppet
description:
- Runs I(puppet) agent or apply in a reliable manner.
extends_documentation_fragment:
- community.general.attributes
attributes:
check_mode:
support: full
diff_mode:
support: none
2020-03-09 09:11:07 +00:00
options:
timeout:
description:
- How long to wait for I(puppet) to finish.
type: str
default: 30m
puppetmaster:
description:
- The hostname of the puppetmaster to contact.
type: str
modulepath:
description:
- Path to an alternate location for puppet modules.
type: str
manifest:
description:
- Path to the manifest file to run puppet apply on.
type: str
noop:
description:
- Override puppet.conf noop mode.
- When C(true), run Puppet agent with C(--noop) switch set.
- When C(false), run Puppet agent with C(--no-noop) switch set.
2020-03-09 09:11:07 +00:00
- When unset (default), use default or puppet.conf value if defined.
type: bool
facts:
description:
- A dict of values to pass in as persistent external facter facts.
type: dict
facter_basename:
description:
- Basename of the facter output file.
type: str
default: ansible
environment:
description:
- Puppet environment to be used.
type: str
confdir:
description:
- Path to the directory containing the puppet.conf file.
type: str
version_added: 5.1.0
2020-03-09 09:11:07 +00:00
logdest:
description:
- Where the puppet logs should go, if puppet apply is being used.
- C(all) will go to both C(console) and C(syslog).
- C(stdout) will be deprecated and replaced by C(console).
2020-03-09 09:11:07 +00:00
type: str
choices: [ all, stdout, syslog ]
default: stdout
certname:
description:
- The name to use when handling certificates.
type: str
tags:
description:
- A list of puppet tags to be used.
type: list
Enabling validation-modules for system modules (#1212) * fixed validation-modules for aix_devices.py * fixed validation-modules for aix_filesystem.py * fixed validation-modules for aix_inittab.py * fixed validation-modules for aix_lvg.py * fixed validation-modules for aix_lvol.py * fixed validation-modules for awall.py * fixed validation-modules for dconf.py * fixed validation-modules for gconftool2.py * fixed validation-modules for interfaces_file.py * fixed validation-modules for java_keystore.py * fixed validation-modules for kernel_blacklist.py * fixed validation-modules for plugins/modules/system/lbu.py * fixed validation-modules for plugins/modules/system/locale_gen.py * fixed validation-modules for plugins/modules/system/lvg.py * fixed validation-modules for plugins/modules/system/lvol.py * fixed validation-modules for plugins/modules/system/mksysb.py * fixed validation-modules for plugins/modules/system/modprobe.py * fixed validation-modules for plugins/modules/system/nosh.py * fixed validation-modules for plugins/modules/system/open_iscsi.py * fixed validation-modules for plugins/modules/system/openwrt_init.py * fixed validation-modules for plugins/modules/system/osx_defaults.py * fixed validation-modules for plugins/modules/system/pamd.py * fixed validation-modules for plugins/modules/system/pam_limits.py * fixed validation-modules for plugins/modules/system/parted.py * fixed validation-modules for plugins/modules/system/puppet.py * fixed validation-modules for plugins/modules/system/python_requirements_info.py * fixed validation-modules for plugins/modules/system/runit.py the parameter "dist" is not used anywhere in the module * fixed validation-modules for plugins/modules/system/sefcontext.py * fixed validation-modules for plugins/modules/system/selogin.py * fixed validation-modules for plugins/modules/system/seport.py * fixed validation-modules for plugins/modules/system/solaris_zone.py * fixed validation-modules for plugins/modules/system/syspatch.py * fixed validation-modules for plugins/modules/system/vdo.py * fixed validation-modules for plugins/modules/system/xfconf.py * removed ignore almost all validate-modules lines in system * removed unnecessary validations, per shippable test * kernel_blacklist: keeping blacklist_file as str instead of path * mksysb: keeping storage_path as str instead of path * pam_limits: keeping dest as str instead of path * rollback on adding doc for puppet.py legacy param * rolledback param seuser required in selogin module * rolledback changes in runit * rolledback changes in osx_defaults * rolledback changes in aix_defaults
2020-11-04 21:02:50 +13:00
elements: str
skip_tags:
description:
- A list of puppet tags to be excluded.
type: list
elements: str
version_added: 6.6.0
2020-03-09 09:11:07 +00:00
execute:
description:
- Execute a specific piece of Puppet code.
- It has no effect with a puppetmaster.
type: str
use_srv_records:
description:
- Toggles use_srv_records flag
type: bool
summarize:
description:
- Whether to print a transaction summary.
type: bool
2020-11-23 12:14:43 +01:00
default: false
2020-03-09 09:11:07 +00:00
verbose:
description:
- Print extra information.
type: bool
2020-11-23 12:14:43 +01:00
default: false
2020-03-09 09:11:07 +00:00
debug:
description:
- Enable full debugging.
type: bool
2020-11-23 12:14:43 +01:00
default: false
show_diff:
description:
- Whether to print file changes details
type: bool
default: false
2020-03-09 09:11:07 +00:00
requirements:
- puppet
author:
- Monty Taylor (@emonty)
'''
EXAMPLES = r'''
- name: Run puppet agent and fail if anything goes wrong
community.general.puppet:
2020-03-09 09:11:07 +00:00
- name: Run puppet and timeout in 5 minutes
community.general.puppet:
2020-03-09 09:11:07 +00:00
timeout: 5m
- name: Run puppet using a different environment
community.general.puppet:
2020-03-09 09:11:07 +00:00
environment: testing
- name: Run puppet using a specific certname
community.general.puppet:
2020-03-09 09:11:07 +00:00
certname: agent01.example.com
- name: Run puppet using a specific piece of Puppet code. Has no effect with a puppetmaster
community.general.puppet:
2020-03-09 09:11:07 +00:00
execute: include ::mymodule
- name: Run puppet using a specific tags
community.general.puppet:
2020-03-09 09:11:07 +00:00
tags:
- update
- nginx
skip_tags:
- service
2020-03-09 09:11:07 +00:00
- name: Run puppet agent in noop mode
community.general.puppet:
noop: true
2020-03-09 09:11:07 +00:00
- name: Run a manifest with debug, log to both syslog and console, specify module path
community.general.puppet:
2020-03-09 09:11:07 +00:00
modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
logdest: all
manifest: /var/lib/example/puppet_step_config.pp
'''
import json
import os
import stat
import ansible_collections.community.general.plugins.module_utils.puppet as puppet_utils
2020-03-09 09:11:07 +00:00
from ansible.module_utils.basic import AnsibleModule
2020-03-09 09:11:07 +00:00
def _write_structured_data(basedir, basename, data):
if not os.path.exists(basedir):
os.makedirs(basedir)
file_path = os.path.join(basedir, "{0}.json".format(basename))
# This is more complex than you might normally expect because we want to
# open the file with only u+rw set. Also, we use the stat constants
# because ansible still supports python 2.4 and the octal syntax changed
out_file = os.fdopen(
os.open(
file_path, os.O_CREAT | os.O_WRONLY,
stat.S_IRUSR | stat.S_IWUSR), 'w')
out_file.write(json.dumps(data).encode('utf8'))
out_file.close()
def main():
module = AnsibleModule(
argument_spec=dict(
timeout=dict(type='str', default='30m'),
puppetmaster=dict(type='str'),
modulepath=dict(type='str'),
manifest=dict(type='str'),
confdir=dict(type='str'),
Deprecation of parameters triggering the parameter-invalid sanity-check (#1927) * fixed validation-modules for plugins/modules/packaging/language/composer.py * fixed validation-modules for plugins/modules/packaging/os/apt_rpm.py * fixed validation-modules for plugins/modules/packaging/os/homebrew.py * fixed validation-modules for plugins/modules/packaging/os/homebrew_cask.py * fixed validation-modules for plugins/modules/packaging/os/opkg.py * fixed validation-modules for plugins/modules/packaging/os/pacman.py * fixed validation-modules for plugins/modules/packaging/os/slackpkg.py * fixed validation-modules for plugins/modules/packaging/os/urpmi.py * fixed validation-modules for plugins/modules/packaging/os/xbps.py * fixed validation-modules for plugins/modules/source_control/github/github_deploy_key.py * fixed validation-modules for plugins/modules/system/puppet.py * added changelog fragment * adjustments from PR + fixes in changelog frag * fixed deprecation of param "show_diff" in module "puppet" * Update changelogs/fragments/1927-removed-parameter-invalid.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/system/puppet.py Co-authored-by: Felix Fontein <felix@fontein.de> * removed unnecessary ignore lines, adjustment in changelog frag * no need to explicitly call deprecate() when param marked for removal * Update changelogs/fragments/1927-removed-parameter-invalid.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Adjustments in changelog fragment, per PR * bumping deprecation to 7.0.0 Co-authored-by: Felix Fontein <felix@fontein.de>
2021-03-05 20:17:36 +13:00
noop=dict(type='bool'),
logdest=dict(type='str', default='stdout', choices=['all', 'stdout', 'syslog']),
# The following is not related to Ansible's diff; see https://github.com/ansible-collections/community.general/pull/3980#issuecomment-1005666154
show_diff=dict(type='bool', default=False),
2020-03-09 09:11:07 +00:00
facts=dict(type='dict'),
facter_basename=dict(type='str', default='ansible'),
environment=dict(type='str'),
certname=dict(type='str'),
Enabling validation-modules for system modules (#1212) * fixed validation-modules for aix_devices.py * fixed validation-modules for aix_filesystem.py * fixed validation-modules for aix_inittab.py * fixed validation-modules for aix_lvg.py * fixed validation-modules for aix_lvol.py * fixed validation-modules for awall.py * fixed validation-modules for dconf.py * fixed validation-modules for gconftool2.py * fixed validation-modules for interfaces_file.py * fixed validation-modules for java_keystore.py * fixed validation-modules for kernel_blacklist.py * fixed validation-modules for plugins/modules/system/lbu.py * fixed validation-modules for plugins/modules/system/locale_gen.py * fixed validation-modules for plugins/modules/system/lvg.py * fixed validation-modules for plugins/modules/system/lvol.py * fixed validation-modules for plugins/modules/system/mksysb.py * fixed validation-modules for plugins/modules/system/modprobe.py * fixed validation-modules for plugins/modules/system/nosh.py * fixed validation-modules for plugins/modules/system/open_iscsi.py * fixed validation-modules for plugins/modules/system/openwrt_init.py * fixed validation-modules for plugins/modules/system/osx_defaults.py * fixed validation-modules for plugins/modules/system/pamd.py * fixed validation-modules for plugins/modules/system/pam_limits.py * fixed validation-modules for plugins/modules/system/parted.py * fixed validation-modules for plugins/modules/system/puppet.py * fixed validation-modules for plugins/modules/system/python_requirements_info.py * fixed validation-modules for plugins/modules/system/runit.py the parameter "dist" is not used anywhere in the module * fixed validation-modules for plugins/modules/system/sefcontext.py * fixed validation-modules for plugins/modules/system/selogin.py * fixed validation-modules for plugins/modules/system/seport.py * fixed validation-modules for plugins/modules/system/solaris_zone.py * fixed validation-modules for plugins/modules/system/syspatch.py * fixed validation-modules for plugins/modules/system/vdo.py * fixed validation-modules for plugins/modules/system/xfconf.py * removed ignore almost all validate-modules lines in system * removed unnecessary validations, per shippable test * kernel_blacklist: keeping blacklist_file as str instead of path * mksysb: keeping storage_path as str instead of path * pam_limits: keeping dest as str instead of path * rollback on adding doc for puppet.py legacy param * rolledback param seuser required in selogin module * rolledback changes in runit * rolledback changes in osx_defaults * rolledback changes in aix_defaults
2020-11-04 21:02:50 +13:00
tags=dict(type='list', elements='str'),
skip_tags=dict(type='list', elements='str'),
2020-03-09 09:11:07 +00:00
execute=dict(type='str'),
summarize=dict(type='bool', default=False),
debug=dict(type='bool', default=False),
verbose=dict(type='bool', default=False),
use_srv_records=dict(type='bool'),
),
supports_check_mode=True,
mutually_exclusive=[
('puppetmaster', 'manifest'),
('puppetmaster', 'manifest', 'execute'),
('puppetmaster', 'modulepath'),
],
)
p = module.params
if p['manifest']:
if not os.path.exists(p['manifest']):
module.fail_json(
msg="Manifest file %(manifest)s not found." % dict(
manifest=p['manifest']))
# Check if puppet is disabled here
if not p['manifest']:
puppet_utils.ensure_agent_enabled(module)
2020-03-09 09:11:07 +00:00
if module.params['facts'] and not module.check_mode:
_write_structured_data(
puppet_utils.get_facter_dir(),
2020-03-09 09:11:07 +00:00
module.params['facter_basename'],
module.params['facts'])
runner = puppet_utils.puppet_runner(module)
2020-03-09 09:11:07 +00:00
if not p['manifest'] and not p['execute']:
args_order = "_agent_fixed puppetmaster show_diff confdir environment tags skip_tags certname noop use_srv_records"
with runner(args_order) as ctx:
rc, stdout, stderr = ctx.run()
2020-03-09 09:11:07 +00:00
else:
args_order = "_apply_fixed logdest modulepath environment certname tags skip_tags noop _execute summarize debug verbose"
with runner(args_order) as ctx:
rc, stdout, stderr = ctx.run(_execute=[p['execute'], p['manifest']])
2020-03-09 09:11:07 +00:00
if rc == 0:
# success
module.exit_json(rc=rc, changed=False, stdout=stdout, stderr=stderr)
elif rc == 1:
# rc==1 could be because it's disabled
# rc==1 could also mean there was a compilation failure
disabled = "administratively disabled" in stdout
if disabled:
msg = "puppet is disabled"
else:
msg = "puppet did not run"
module.exit_json(
rc=rc, disabled=disabled, msg=msg,
error=True, stdout=stdout, stderr=stderr)
elif rc == 2:
# success with changes
module.exit_json(rc=0, changed=True, stdout=stdout, stderr=stderr)
elif rc == 124:
# timeout
module.exit_json(
rc=rc, msg="%s timed out" % ctx.cmd, stdout=stdout, stderr=stderr)
2020-03-09 09:11:07 +00:00
else:
# failure
module.fail_json(
rc=rc, msg="%s failed with return code: %d" % (ctx.cmd, rc),
2020-03-09 09:11:07 +00:00
stdout=stdout, stderr=stderr)
if __name__ == '__main__':
main()