1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules/web_infrastructure/jenkins_script.py

197 lines
6.4 KiB
Python
Raw Normal View History

2020-03-09 10:11:07 +01:00
#!/usr/bin/python
# -*- coding: utf-8 -*-
2020-03-09 10:11:07 +01:00
# (c) 2016, James Hogarth <james.hogarth@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
author: James Hogarth (@hogarthj)
module: jenkins_script
short_description: Executes a groovy script in the jenkins instance
description:
- The C(jenkins_script) module takes a script plus a dict of values
to use within the script and returns the result of the script being run.
options:
script:
Enabling validation-modules for web_infrastructure modules (#1200) * fixed validation-modules for apache2_mod_proxy.py * fixed validation-modules for apache2_module.py * fixed validation-modules for deploy_helper.py The ignore lines were put back in place because add_file_common_args=True is used and the module inherits a number of options that do not show up in the documentation (nor should they). * fixed validation-modules for ejabberd_user.py * fixed validation-modules for gunicorn.py * fixed validation-modules for htpasswd.py * fixed validation-modules for jenkins_job.py * fixed validation-modules for jenkins_job_info.py * fixed validation-modules for jenkins_plugin.py * fixed validation-modules for jenkins_script.py * fixed validation-modules for jira.py * fixed validation-modules for nginx_status_facts.py * fixed validation-modules for rundeck_acl_policy.py * fixed validation-modules for rundeck_project.py * fixed validation-modules for supervisorctl.py * fixed validation-modules for taiga_issue.py * fixed pylint mistake in plugins/modules/web_infrastructure/jenkins_job_info.py * removed ignore lines for almost-all web_infrastructure modules * rolled back ignore lines for nested sophos_utm modules that were not adjusted * Removed doc-missing-type from ignore-2.11.txt for deploy_helper and jenkins_plugin * When adding lines back to ignore files, we added more than it was before. Removing. * Rolled back deprecation line in ignore-2.9.txt for nginx_status_facts * Rolled back yet another line in ignore-2.9.txt for nginx_status_facts * Fixed argument_spec and docs for crypt_scheme parameter in htpasswd, per PR * Added extends_documentation_fragment:files to deploy_helper and jenkins_plugin * Removed long-deprecated option params from jenkins_plugin, removed validate-modules lines from ignore files for that module * Update plugins/modules/web_infrastructure/htpasswd.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-31 13:53:57 +01:00
type: str
2020-03-09 10:11:07 +01:00
description:
- The groovy script to be executed.
This gets passed as a string Template if args is defined.
required: true
url:
Enabling validation-modules for web_infrastructure modules (#1200) * fixed validation-modules for apache2_mod_proxy.py * fixed validation-modules for apache2_module.py * fixed validation-modules for deploy_helper.py The ignore lines were put back in place because add_file_common_args=True is used and the module inherits a number of options that do not show up in the documentation (nor should they). * fixed validation-modules for ejabberd_user.py * fixed validation-modules for gunicorn.py * fixed validation-modules for htpasswd.py * fixed validation-modules for jenkins_job.py * fixed validation-modules for jenkins_job_info.py * fixed validation-modules for jenkins_plugin.py * fixed validation-modules for jenkins_script.py * fixed validation-modules for jira.py * fixed validation-modules for nginx_status_facts.py * fixed validation-modules for rundeck_acl_policy.py * fixed validation-modules for rundeck_project.py * fixed validation-modules for supervisorctl.py * fixed validation-modules for taiga_issue.py * fixed pylint mistake in plugins/modules/web_infrastructure/jenkins_job_info.py * removed ignore lines for almost-all web_infrastructure modules * rolled back ignore lines for nested sophos_utm modules that were not adjusted * Removed doc-missing-type from ignore-2.11.txt for deploy_helper and jenkins_plugin * When adding lines back to ignore files, we added more than it was before. Removing. * Rolled back deprecation line in ignore-2.9.txt for nginx_status_facts * Rolled back yet another line in ignore-2.9.txt for nginx_status_facts * Fixed argument_spec and docs for crypt_scheme parameter in htpasswd, per PR * Added extends_documentation_fragment:files to deploy_helper and jenkins_plugin * Removed long-deprecated option params from jenkins_plugin, removed validate-modules lines from ignore files for that module * Update plugins/modules/web_infrastructure/htpasswd.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-31 13:53:57 +01:00
type: str
2020-03-09 10:11:07 +01:00
description:
- The jenkins server to execute the script against. The default is a local
jenkins instance that is not being proxied through a webserver.
default: http://localhost:8080
validate_certs:
description:
- If set to C(no), the SSL certificates will not be validated.
This should only set to C(no) used on personally controlled sites
using self-signed certificates as it avoids verifying the source site.
type: bool
default: 'yes'
user:
Enabling validation-modules for web_infrastructure modules (#1200) * fixed validation-modules for apache2_mod_proxy.py * fixed validation-modules for apache2_module.py * fixed validation-modules for deploy_helper.py The ignore lines were put back in place because add_file_common_args=True is used and the module inherits a number of options that do not show up in the documentation (nor should they). * fixed validation-modules for ejabberd_user.py * fixed validation-modules for gunicorn.py * fixed validation-modules for htpasswd.py * fixed validation-modules for jenkins_job.py * fixed validation-modules for jenkins_job_info.py * fixed validation-modules for jenkins_plugin.py * fixed validation-modules for jenkins_script.py * fixed validation-modules for jira.py * fixed validation-modules for nginx_status_facts.py * fixed validation-modules for rundeck_acl_policy.py * fixed validation-modules for rundeck_project.py * fixed validation-modules for supervisorctl.py * fixed validation-modules for taiga_issue.py * fixed pylint mistake in plugins/modules/web_infrastructure/jenkins_job_info.py * removed ignore lines for almost-all web_infrastructure modules * rolled back ignore lines for nested sophos_utm modules that were not adjusted * Removed doc-missing-type from ignore-2.11.txt for deploy_helper and jenkins_plugin * When adding lines back to ignore files, we added more than it was before. Removing. * Rolled back deprecation line in ignore-2.9.txt for nginx_status_facts * Rolled back yet another line in ignore-2.9.txt for nginx_status_facts * Fixed argument_spec and docs for crypt_scheme parameter in htpasswd, per PR * Added extends_documentation_fragment:files to deploy_helper and jenkins_plugin * Removed long-deprecated option params from jenkins_plugin, removed validate-modules lines from ignore files for that module * Update plugins/modules/web_infrastructure/htpasswd.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-31 13:53:57 +01:00
type: str
2020-03-09 10:11:07 +01:00
description:
- The username to connect to the jenkins server with.
password:
Enabling validation-modules for web_infrastructure modules (#1200) * fixed validation-modules for apache2_mod_proxy.py * fixed validation-modules for apache2_module.py * fixed validation-modules for deploy_helper.py The ignore lines were put back in place because add_file_common_args=True is used and the module inherits a number of options that do not show up in the documentation (nor should they). * fixed validation-modules for ejabberd_user.py * fixed validation-modules for gunicorn.py * fixed validation-modules for htpasswd.py * fixed validation-modules for jenkins_job.py * fixed validation-modules for jenkins_job_info.py * fixed validation-modules for jenkins_plugin.py * fixed validation-modules for jenkins_script.py * fixed validation-modules for jira.py * fixed validation-modules for nginx_status_facts.py * fixed validation-modules for rundeck_acl_policy.py * fixed validation-modules for rundeck_project.py * fixed validation-modules for supervisorctl.py * fixed validation-modules for taiga_issue.py * fixed pylint mistake in plugins/modules/web_infrastructure/jenkins_job_info.py * removed ignore lines for almost-all web_infrastructure modules * rolled back ignore lines for nested sophos_utm modules that were not adjusted * Removed doc-missing-type from ignore-2.11.txt for deploy_helper and jenkins_plugin * When adding lines back to ignore files, we added more than it was before. Removing. * Rolled back deprecation line in ignore-2.9.txt for nginx_status_facts * Rolled back yet another line in ignore-2.9.txt for nginx_status_facts * Fixed argument_spec and docs for crypt_scheme parameter in htpasswd, per PR * Added extends_documentation_fragment:files to deploy_helper and jenkins_plugin * Removed long-deprecated option params from jenkins_plugin, removed validate-modules lines from ignore files for that module * Update plugins/modules/web_infrastructure/htpasswd.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-31 13:53:57 +01:00
type: str
2020-03-09 10:11:07 +01:00
description:
- The password to connect to the jenkins server with.
timeout:
Enabling validation-modules for web_infrastructure modules (#1200) * fixed validation-modules for apache2_mod_proxy.py * fixed validation-modules for apache2_module.py * fixed validation-modules for deploy_helper.py The ignore lines were put back in place because add_file_common_args=True is used and the module inherits a number of options that do not show up in the documentation (nor should they). * fixed validation-modules for ejabberd_user.py * fixed validation-modules for gunicorn.py * fixed validation-modules for htpasswd.py * fixed validation-modules for jenkins_job.py * fixed validation-modules for jenkins_job_info.py * fixed validation-modules for jenkins_plugin.py * fixed validation-modules for jenkins_script.py * fixed validation-modules for jira.py * fixed validation-modules for nginx_status_facts.py * fixed validation-modules for rundeck_acl_policy.py * fixed validation-modules for rundeck_project.py * fixed validation-modules for supervisorctl.py * fixed validation-modules for taiga_issue.py * fixed pylint mistake in plugins/modules/web_infrastructure/jenkins_job_info.py * removed ignore lines for almost-all web_infrastructure modules * rolled back ignore lines for nested sophos_utm modules that were not adjusted * Removed doc-missing-type from ignore-2.11.txt for deploy_helper and jenkins_plugin * When adding lines back to ignore files, we added more than it was before. Removing. * Rolled back deprecation line in ignore-2.9.txt for nginx_status_facts * Rolled back yet another line in ignore-2.9.txt for nginx_status_facts * Fixed argument_spec and docs for crypt_scheme parameter in htpasswd, per PR * Added extends_documentation_fragment:files to deploy_helper and jenkins_plugin * Removed long-deprecated option params from jenkins_plugin, removed validate-modules lines from ignore files for that module * Update plugins/modules/web_infrastructure/htpasswd.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-31 13:53:57 +01:00
type: int
2020-03-09 10:11:07 +01:00
description:
- The request timeout in seconds
default: 10
args:
Enabling validation-modules for web_infrastructure modules (#1200) * fixed validation-modules for apache2_mod_proxy.py * fixed validation-modules for apache2_module.py * fixed validation-modules for deploy_helper.py The ignore lines were put back in place because add_file_common_args=True is used and the module inherits a number of options that do not show up in the documentation (nor should they). * fixed validation-modules for ejabberd_user.py * fixed validation-modules for gunicorn.py * fixed validation-modules for htpasswd.py * fixed validation-modules for jenkins_job.py * fixed validation-modules for jenkins_job_info.py * fixed validation-modules for jenkins_plugin.py * fixed validation-modules for jenkins_script.py * fixed validation-modules for jira.py * fixed validation-modules for nginx_status_facts.py * fixed validation-modules for rundeck_acl_policy.py * fixed validation-modules for rundeck_project.py * fixed validation-modules for supervisorctl.py * fixed validation-modules for taiga_issue.py * fixed pylint mistake in plugins/modules/web_infrastructure/jenkins_job_info.py * removed ignore lines for almost-all web_infrastructure modules * rolled back ignore lines for nested sophos_utm modules that were not adjusted * Removed doc-missing-type from ignore-2.11.txt for deploy_helper and jenkins_plugin * When adding lines back to ignore files, we added more than it was before. Removing. * Rolled back deprecation line in ignore-2.9.txt for nginx_status_facts * Rolled back yet another line in ignore-2.9.txt for nginx_status_facts * Fixed argument_spec and docs for crypt_scheme parameter in htpasswd, per PR * Added extends_documentation_fragment:files to deploy_helper and jenkins_plugin * Removed long-deprecated option params from jenkins_plugin, removed validate-modules lines from ignore files for that module * Update plugins/modules/web_infrastructure/htpasswd.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-31 13:53:57 +01:00
type: dict
2020-03-09 10:11:07 +01:00
description:
- A dict of key-value pairs used in formatting the script using string.Template (see https://docs.python.org/2/library/string.html#template-strings).
notes:
- Since the script can do anything this does not report on changes.
Knowing the script is being run it's important to set changed_when
for the ansible output to be clear on any alterations made.
'''
EXAMPLES = '''
- name: Obtaining a list of plugins
community.general.jenkins_script:
2020-03-09 10:11:07 +01:00
script: 'println(Jenkins.instance.pluginManager.plugins)'
user: admin
password: admin
- name: Setting master using a variable to hold a more complicate script
ansible.builtin.set_fact:
2020-03-09 10:11:07 +01:00
setmaster_mode: |
import jenkins.model.*
instance = Jenkins.getInstance()
instance.setMode(${jenkins_mode})
instance.save()
2020-05-16 15:07:51 +02:00
- name: Use the variable as the script
community.general.jenkins_script:
2020-03-09 10:11:07 +01:00
script: "{{ setmaster_mode }}"
args:
jenkins_mode: Node.Mode.EXCLUSIVE
2020-05-16 15:07:51 +02:00
- name: Interacting with an untrusted HTTPS connection
community.general.jenkins_script:
2020-03-09 10:11:07 +01:00
script: "println(Jenkins.instance.pluginManager.plugins)"
user: admin
password: admin
url: https://localhost
validate_certs: no
'''
RETURN = '''
output:
description: Result of script
returned: success
type: str
sample: 'Result: true'
'''
import json
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves import http_cookiejar as cookiejar
from ansible.module_utils.six.moves.urllib.parse import urlencode
from ansible.module_utils.urls import fetch_url
from ansible.module_utils.common.text.converters import to_native
2020-03-09 10:11:07 +01:00
def is_csrf_protection_enabled(module):
resp, info = fetch_url(module,
module.params['url'] + '/api/json',
timeout=module.params['timeout'],
method='GET')
if info["status"] != 200:
module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"], output='')
content = to_native(resp.read())
return json.loads(content).get('useCrumbs', False)
def get_crumb(module, cookies):
resp, info = fetch_url(module,
module.params['url'] + '/crumbIssuer/api/json',
method='GET',
timeout=module.params['timeout'],
cookies=cookies)
if info["status"] != 200:
module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"], output='')
content = to_native(resp.read())
return json.loads(content)
def main():
module = AnsibleModule(
argument_spec=dict(
script=dict(required=True, type="str"),
url=dict(required=False, type="str", default="http://localhost:8080"),
validate_certs=dict(required=False, type="bool", default=True),
user=dict(required=False, type="str", default=None),
password=dict(required=False, no_log=True, type="str", default=None),
timeout=dict(required=False, type="int", default=10),
args=dict(required=False, type="dict", default=None)
)
)
if module.params['user'] is not None:
if module.params['password'] is None:
module.fail_json(msg="password required when user provided", output='')
module.params['url_username'] = module.params['user']
module.params['url_password'] = module.params['password']
module.params['force_basic_auth'] = True
if module.params['args'] is not None:
from string import Template
try:
script_contents = Template(module.params['script']).substitute(module.params['args'])
except KeyError as err:
module.fail_json(msg="Error with templating variable: %s" % err, output='')
else:
script_contents = module.params['script']
headers = {}
cookies = None
if is_csrf_protection_enabled(module):
cookies = cookiejar.LWPCookieJar()
crumb = get_crumb(module, cookies)
headers = {crumb['crumbRequestField']: crumb['crumb']}
resp, info = fetch_url(module,
module.params['url'] + "/scriptText",
data=urlencode({'script': script_contents}),
headers=headers,
method="POST",
timeout=module.params['timeout'],
cookies=cookies)
if info["status"] != 200:
module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"], output='')
result = to_native(resp.read())
if 'Exception:' in result and 'at java.lang.Thread' in result:
module.fail_json(msg="script failed with stacktrace:\n " + result, output='')
module.exit_json(
output=result,
)
if __name__ == '__main__':
main()