1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/lookup/consul_kv.py

192 lines
6.5 KiB
Python
Raw Normal View History

2020-03-09 10:11:07 +01:00
# (c) 2015, Steve Gargan <steve.gargan@gmail.com>
# (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = '''
author: Unknown (!UNKNOWN)
2021-01-12 07:12:03 +01:00
name: consul_kv
2020-03-09 10:11:07 +01:00
short_description: Fetch metadata from a Consul key value store.
description:
- Lookup metadata for a playbook from the key value store in a Consul cluster.
Values can be easily set in the kv store with simple rest commands
- C(curl -X PUT -d 'some-value' http://localhost:8500/v1/kv/ansible/somedata)
requirements:
- 'python-consul python library U(https://python-consul.readthedocs.io/en/latest/#installation)'
options:
_raw:
description: List of key(s) to retrieve.
type: list
recurse:
type: boolean
description: If true, will retrieve all the values that have the given key as prefix.
default: False
index:
description:
- If the key has a value with the specified index then this is returned allowing access to historical values.
datacenter:
description:
- Retrieve the key from a consul datacenter other than the default for the consul host.
2020-03-09 10:11:07 +01:00
token:
description: The acl token to allow access to restricted values.
host:
default: localhost
description:
- The target to connect to, must be a resolvable address.
Will be determined from C(ANSIBLE_CONSUL_URL) if that is set.
- "C(ANSIBLE_CONSUL_URL) should look like this: C(https://my.consul.server:8500)"
env:
- name: ANSIBLE_CONSUL_URL
ini:
- section: lookup_consul
key: host
port:
description:
- The port of the target host to connect to.
- If you use C(ANSIBLE_CONSUL_URL) this value will be used from there.
default: 8500
scheme:
default: http
description:
- Whether to use http or https.
- If you use C(ANSIBLE_CONSUL_URL) this value will be used from there.
validate_certs:
default: True
description: Whether to verify the ssl connection or not.
env:
- name: ANSIBLE_CONSUL_VALIDATE_CERTS
ini:
- section: lookup_consul
key: validate_certs
client_cert:
description: The client cert to verify the ssl connection.
env:
- name: ANSIBLE_CONSUL_CLIENT_CERT
ini:
- section: lookup_consul
key: client_cert
url:
description: "The target to connect to, should look like this: C(https://my.consul.server:8500)."
type: str
version_added: 1.0.0
env:
- name: ANSIBLE_CONSUL_URL
ini:
- section: lookup_consul
key: url
2020-03-09 10:11:07 +01:00
'''
EXAMPLES = """
- ansible.builtin.debug:
2020-03-09 10:11:07 +01:00
msg: 'key contains {{item}}'
with_community.general.consul_kv:
2020-03-09 10:11:07 +01:00
- 'key/to/retrieve'
- name: Parameters can be provided after the key be more specific about what to retrieve
ansible.builtin.debug:
2020-03-09 10:11:07 +01:00
msg: 'key contains {{item}}'
with_community.general.consul_kv:
2020-03-09 10:11:07 +01:00
- 'key/to recurse=true token=E6C060A9-26FB-407A-B83E-12DDAFCB4D98'
- name: retrieving a KV from a remote cluster on non default port
ansible.builtin.debug:
msg: "{{ lookup('community.general.consul_kv', 'my/key', host='10.10.10.10', port='2000') }}"
2020-03-09 10:11:07 +01:00
"""
RETURN = """
_raw:
description:
- Value(s) stored in consul.
type: dict
2020-03-09 10:11:07 +01:00
"""
import os
from ansible.module_utils.six.moves.urllib.parse import urlparse
from ansible.errors import AnsibleError, AnsibleAssertionError
from ansible.plugins.lookup import LookupBase
from ansible.module_utils._text import to_text
try:
import consul
HAS_CONSUL = True
except ImportError as e:
HAS_CONSUL = False
class LookupModule(LookupBase):
def run(self, terms, variables=None, **kwargs):
if not HAS_CONSUL:
raise AnsibleError(
'python-consul is required for consul_kv lookup. see http://python-consul.readthedocs.org/en/latest/#installation')
# get options
self.set_options(direct=kwargs)
scheme = self.get_option('scheme')
host = self.get_option('host')
port = self.get_option('port')
url = self.get_option('url')
if url is not None:
u = urlparse(url)
if u.scheme:
scheme = u.scheme
host = u.hostname
if u.port is not None:
port = u.port
validate_certs = self.get_option('validate_certs')
client_cert = self.get_option('client_cert')
2020-03-09 10:11:07 +01:00
values = []
try:
for term in terms:
params = self.parse_params(term)
consul_api = consul.Consul(host=host, port=port, scheme=scheme, verify=validate_certs, cert=client_cert)
2020-03-09 10:11:07 +01:00
results = consul_api.kv.get(params['key'],
token=params['token'],
index=params['index'],
recurse=params['recurse'],
dc=params['datacenter'])
if results[1]:
# responds with a single or list of result maps
if isinstance(results[1], list):
for r in results[1]:
values.append(to_text(r['Value']))
else:
values.append(to_text(results[1]['Value']))
except Exception as e:
raise AnsibleError(
"Error locating '%s' in kv store. Error was %s" % (term, e))
return values
def parse_params(self, term):
params = term.split(' ')
paramvals = {
'key': params[0],
Wire token param into consul_api #2124 (#2126) (#2725) * Wire token param into consul_api #2124 * Update changelogs/fragments/2124-consul_kv-pass-token.yml Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * #2124 renamed release fragment to match pr, removed parse_params. * putting look back in, do some linting #2124 * try more linting * linting * try overwriting defaults in parse_params with get_option vals, instead of removing that function completely. * Revert "back to start, from 2nd approach: allow keyword arguments via parse_params for compatibility." This reverts commit 748be8e366d46b43cc63b740cb78cde519274342. * Revert " linting" This reverts commit 1d57374c3e539a2cb640bf1482496d80f654b7d8. * Revert " try more linting" This reverts commit 91c8d06e6af442bd130859a64afbf5d558528e74. * Revert "putting look back in, do some linting #2124" This reverts commit 87eeec71803929f08e2dbfc1bfa3c76c79ea55d0. * Revert " #2124 renamed release fragment to match pr, removed parse_params." This reverts commit d2869b2f22ad64d84945ed91145de5b52bff2676. * Revert "Update changelogs/fragments/2124-consul_kv-pass-token.yml" This reverts commit c50b1cf9d4a53fbbfaa8332ba3a7acca33909f09. * Revert "Wire token param into consul_api #2124" This reverts commit b60b6433a8000459b40c4fdcee1da4fe436729a9. * minimal chnages for this PR relative to current upstream. * superfluous newline in changlog fragment. Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> (cherry picked from commit 0e6d70697c57889c7af66757dd501f38422cf0b8) Co-authored-by: fkuep <flo.kuepper@gmail.com>
2021-06-05 23:03:48 +02:00
'token': self.get_option('token'),
'recurse': self.get_option('recurse'),
'index': self.get_option('index'),
'datacenter': self.get_option('datacenter')
2020-03-09 10:11:07 +01:00
}
# parameters specified?
try:
for param in params[1:]:
if param and len(param) > 0:
name, value = param.split('=')
if name not in paramvals:
raise AnsibleAssertionError("%s not a valid consul lookup parameter" % name)
paramvals[name] = value
except (ValueError, AssertionError) as e:
raise AnsibleError(e)
return paramvals