From 6984eecdb96680296804e26d37ed7a7edbc88900 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Mon, 16 Oct 2017 15:42:28 +0200 Subject: [PATCH] zabbix: add validate certs param (#31739) --- .../modules/monitoring/zabbix_group.py | 9 +++++- lib/ansible/modules/monitoring/zabbix_host.py | 14 ++++++--- .../modules/monitoring/zabbix_hostmacro.py | 8 ++++- .../modules/monitoring/zabbix_maintenance.py | 9 +++++- .../modules/monitoring/zabbix_screen.py | 13 ++++++-- .../utils/module_docs_fragments/zabbix.py | 31 +++++++++++++++++++ 6 files changed, 74 insertions(+), 10 deletions(-) create mode 100644 lib/ansible/utils/module_docs_fragments/zabbix.py diff --git a/lib/ansible/modules/monitoring/zabbix_group.py b/lib/ansible/modules/monitoring/zabbix_group.py index 3414137e28..77d24b6573 100644 --- a/lib/ansible/modules/monitoring/zabbix_group.py +++ b/lib/ansible/modules/monitoring/zabbix_group.py @@ -70,6 +70,10 @@ options: - List of host groups to create or delete. required: true aliases: [ "host_group" ] + +extends_documentation_fragment: + - zabbix + notes: - Too many concurrent updates to the same group may cause Zabbix to return errors, see examples for a workaround if needed. ''' @@ -163,6 +167,7 @@ def main(): login_password=dict(type='str', required=True, no_log=True), http_login_user=dict(type='str',required=False, default=None), http_login_password=dict(type='str',required=False, default=None, no_log=True), + validate_certs=dict(type='bool',required=False, default=True), host_groups=dict(type='list', required=True, aliases=['host_group']), state=dict(default="present", choices=['present','absent']), timeout=dict(type='int', default=10) @@ -178,6 +183,7 @@ def main(): login_password = module.params['login_password'] http_login_user = module.params['http_login_user'] http_login_password = module.params['http_login_password'] + validate_certs = module.params['validate_certs'] host_groups = module.params['host_groups'] state = module.params['state'] timeout = module.params['timeout'] @@ -186,7 +192,8 @@ def main(): # login to zabbix try: - zbx = ZabbixAPI(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password) + zbx = ZabbixAPI(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password, + validate_certs=validate_certs) zbx.login(login_user, login_password) except Exception as e: module.fail_json(msg="Failed to connect to Zabbix server: %s" % e) diff --git a/lib/ansible/modules/monitoring/zabbix_host.py b/lib/ansible/modules/monitoring/zabbix_host.py index f2af4cdec7..eb5ba266ab 100644 --- a/lib/ansible/modules/monitoring/zabbix_host.py +++ b/lib/ansible/modules/monitoring/zabbix_host.py @@ -27,7 +27,7 @@ author: - "Werner Dijkerman" requirements: - "python >= 2.6" - - zabbix-api + - "zabbix-api >= 0.5.3" options: server_url: description: @@ -166,6 +166,9 @@ options: default: "yes" choices: [ "yes", "no" ] version_added: "2.0" + +extends_documentation_fragment: + - zabbix ''' EXAMPLES = ''' @@ -231,8 +234,8 @@ try: class ZabbixAPIExtends(ZabbixAPI): hostinterface = None - def __init__(self, server, timeout, user, passwd, **kwargs): - ZabbixAPI.__init__(self, server, timeout=timeout, user=user, passwd=passwd) + def __init__(self, server, timeout, user, passwd, validate_certs, **kwargs): + ZabbixAPI.__init__(self, server, timeout=timeout, user=user, passwd=passwd, validate_certs=validate_certs) self.hostinterface = ZabbixAPISubClass(self, dict({"prefix": "hostinterface"}, **kwargs)) @@ -538,6 +541,7 @@ def main(): host_name=dict(type='str', required=True), http_login_user=dict(type='str', required=False, default=None), http_login_password=dict(type='str', required=False, default=None, no_log=True), + validate_certs=dict(type='bool', required=False, default=True), host_groups=dict(type='list', required=False), link_templates=dict(type='list', required=False), status=dict(default="enabled", choices=['enabled', 'disabled']), @@ -567,6 +571,7 @@ def main(): login_password = module.params['login_password'] http_login_user = module.params['http_login_user'] http_login_password = module.params['http_login_password'] + validate_certs = module.params['validate_certs'] host_name = module.params['host_name'] visible_name = module.params['visible_name'] description = module.params['description'] @@ -592,7 +597,8 @@ def main(): zbx = None # login to zabbix try: - zbx = ZabbixAPIExtends(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password) + zbx = ZabbixAPIExtends(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password, + validate_certs=validate_certs) zbx.login(login_user, login_password) except Exception as e: module.fail_json(msg="Failed to connect to Zabbix server: %s" % e) diff --git a/lib/ansible/modules/monitoring/zabbix_hostmacro.py b/lib/ansible/modules/monitoring/zabbix_hostmacro.py index 8150cb3f1c..64848fc73b 100644 --- a/lib/ansible/modules/monitoring/zabbix_hostmacro.py +++ b/lib/ansible/modules/monitoring/zabbix_hostmacro.py @@ -76,6 +76,9 @@ options: description: - The timeout of API request (seconds). default: 10 + +extends_documentation_fragment: + - zabbix ''' EXAMPLES = ''' @@ -177,6 +180,7 @@ def main(): login_password=dict(type='str', required=True, no_log=True), http_login_user=dict(type='str', required=False, default=None), http_login_password=dict(type='str', required=False, default=None, no_log=True), + validate_certs=dict(type='bool', required=False, default=True), host_name=dict(type='str', required=True), macro_name=dict(type='str', required=True), macro_value=dict(type='str', required=True), @@ -194,6 +198,7 @@ def main(): login_password = module.params['login_password'] http_login_user = module.params['http_login_user'] http_login_password = module.params['http_login_password'] + validate_certs = module.params['validate_certs'] host_name = module.params['host_name'] macro_name = (module.params['macro_name']).upper() macro_value = module.params['macro_value'] @@ -203,7 +208,8 @@ def main(): zbx = None # login to zabbix try: - zbx = ZabbixAPIExtends(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password) + zbx = ZabbixAPIExtends(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password, + validate_certs=validate_certs) zbx.login(login_user, login_password) except Exception as e: module.fail_json(msg="Failed to connect to Zabbix server: %s" % e) diff --git a/lib/ansible/modules/monitoring/zabbix_maintenance.py b/lib/ansible/modules/monitoring/zabbix_maintenance.py index 4a1b4f89b0..ecb62e9c07 100644 --- a/lib/ansible/modules/monitoring/zabbix_maintenance.py +++ b/lib/ansible/modules/monitoring/zabbix_maintenance.py @@ -103,6 +103,10 @@ options: default: 10 version_added: "2.1" required: false + +extends_documentation_fragment: + - zabbix + notes: - Useful for setting hosts in maintenance mode before big update, and removing maintenance window after update. @@ -305,6 +309,7 @@ def main(): host_groups=dict(type='list', required=False, default=None, aliases=['host_group']), login_user=dict(type='str', required=True), login_password=dict(type='str', required=True, no_log=True), + validate_certs=dict(type='bool', required=False, default=True), http_login_user=dict(type='str', required=False, default=None), http_login_password=dict(type='str', required=False, default=None, no_log=True), name=dict(type='str', required=True), @@ -325,6 +330,7 @@ def main(): login_password = module.params['login_password'] http_login_user = module.params['http_login_user'] http_login_password = module.params['http_login_password'] + validate_certs = module.params['validate_certs'] minutes = module.params['minutes'] name = module.params['name'] desc = module.params['desc'] @@ -338,7 +344,8 @@ def main(): maintenance_type = 1 try: - zbx = ZabbixAPI(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password) + zbx = ZabbixAPI(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password, + validate_certs=validate_certs) zbx.login(login_user, login_password) except BaseException as e: module.fail_json(msg="Failed to connect to Zabbix server: %s" % e) diff --git a/lib/ansible/modules/monitoring/zabbix_screen.py b/lib/ansible/modules/monitoring/zabbix_screen.py index facb3f2471..4be11200ab 100644 --- a/lib/ansible/modules/monitoring/zabbix_screen.py +++ b/lib/ansible/modules/monitoring/zabbix_screen.py @@ -68,6 +68,10 @@ options: The available states are: C(present) (default) and C(absent). If the screen(s) already exists, and the state is not C(absent), the screen(s) will just be updated as needed. required: true + +extends_documentation_fragment: + - zabbix + notes: - Too many concurrent updates to the same screen may cause Zabbix to return errors, see examples for a workaround if needed. ''' @@ -146,8 +150,8 @@ try: class ZabbixAPIExtends(ZabbixAPI): screenitem = None - def __init__(self, server, timeout, user, passwd, **kwargs): - ZabbixAPI.__init__(self, server, timeout=timeout, user=user, passwd=passwd) + def __init__(self, server, timeout, user, passwd, validate_certs, **kwargs): + ZabbixAPI.__init__(self, server, timeout=timeout, user=user, passwd=passwd, validate_certs=validate_certs) self.screenitem = ZabbixAPISubClass(self, dict({"prefix": "screenitem"}, **kwargs)) HAS_ZABBIX_API = True @@ -330,6 +334,7 @@ def main(): login_password=dict(type='str', required=True, no_log=True), http_login_user=dict(type='str', required=False, default=None), http_login_password=dict(type='str', required=False, default=None, no_log=True), + validate_certs=dict(type='bool', required=False, default=True), timeout=dict(type='int', default=10), screens=dict(type='list', required=True) ), @@ -344,13 +349,15 @@ def main(): login_password = module.params['login_password'] http_login_user = module.params['http_login_user'] http_login_password = module.params['http_login_password'] + validate_certs = module.params['validate_certs'] timeout = module.params['timeout'] screens = module.params['screens'] zbx = None # login to zabbix try: - zbx = ZabbixAPIExtends(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password) + zbx = ZabbixAPIExtends(server_url, timeout=timeout, user=http_login_user, passwd=http_login_password, + validate_certs=validate_certs) zbx.login(login_user, login_password) except Exception as e: module.fail_json(msg="Failed to connect to Zabbix server: %s" % e) diff --git a/lib/ansible/utils/module_docs_fragments/zabbix.py b/lib/ansible/utils/module_docs_fragments/zabbix.py new file mode 100644 index 0000000000..52de4d7cbd --- /dev/null +++ b/lib/ansible/utils/module_docs_fragments/zabbix.py @@ -0,0 +1,31 @@ +# Copyright (c) 2017 Ansible, Inc +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + + +class ModuleDocFragment(object): + + # Standard documentation fragment + DOCUMENTATION = ''' +options: + validate_certs: + required: false + description: + - If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + default: true + choices: ['true', 'false'] + version_added: "2.5" +'''