1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

vmware_inventory: Make the ceritifate check default, and create a config option (#17830)

Fixes #17811
This commit is contained in:
jctanner 2016-09-30 09:06:02 -04:00 committed by GitHub
parent c157c47802
commit 8095c3951a
2 changed files with 14 additions and 10 deletions

View file

@ -14,6 +14,9 @@ username=administrator@vsphere.local
# The password for the vsphere API # The password for the vsphere API
password=vmware password=vmware
# Verify the server's SSL certificate
#validate_certs = True
# Specify the number of seconds to use the inventory cache before it is # Specify the number of seconds to use the inventory cache before it is
# considered stale. If not defined, defaults to 0 seconds. # considered stale. If not defined, defaults to 0 seconds.
#cache_max_age = 3600 #cache_max_age = 3600

View file

@ -186,6 +186,7 @@ class VMWareInventory(object):
'port': 443, 'port': 443,
'username': '', 'username': '',
'password': '', 'password': '',
'validate_certs': True,
'ini_path': os.path.join(os.path.dirname(__file__), '%s.ini' % scriptbasename), 'ini_path': os.path.join(os.path.dirname(__file__), '%s.ini' % scriptbasename),
'cache_name': 'ansible-vmware', 'cache_name': 'ansible-vmware',
'cache_path': '~/.ansible/tmp', 'cache_path': '~/.ansible/tmp',
@ -228,6 +229,11 @@ class VMWareInventory(object):
self.port = int(os.environ.get('VMWARE_PORT', config.get('vmware', 'port'))) self.port = int(os.environ.get('VMWARE_PORT', config.get('vmware', 'port')))
self.username = os.environ.get('VMWARE_USERNAME', config.get('vmware', 'username')) self.username = os.environ.get('VMWARE_USERNAME', config.get('vmware', 'username'))
self.password = os.environ.get('VMWARE_PASSWORD', config.get('vmware', 'password')) self.password = os.environ.get('VMWARE_PASSWORD', config.get('vmware', 'password'))
self.validate_certs = os.environ.get('VMWARE_VALIDATE_CERTS', config.get('vmware', 'validate_certs'))
if self.validate_certs in ['no', 'false', 'False', False]:
self.validate_certs = False
else:
self.validate_certs = True
# behavior control # behavior control
self.maxlevel = int(config.get('vmware', 'max_object_level')) self.maxlevel = int(config.get('vmware', 'max_object_level'))
@ -274,13 +280,8 @@ class VMWareInventory(object):
'pwd': self.password, 'pwd': self.password,
'port': int(self.port) } 'port': int(self.port) }
if hasattr(ssl, 'SSLContext'): if hasattr(ssl, 'SSLContext') and not self.validate_certs:
# older ssl libs do not have an SSLContext method: context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
# context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
# AttributeError: 'module' object has no attribute 'SSLContext'
# older pyvmomi version also do not have an sslcontext kwarg:
# https://github.com/vmware/pyvmomi/commit/92c1de5056be7c5390ac2a28eb08ad939a4b7cdd
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.verify_mode = ssl.CERT_NONE context.verify_mode = ssl.CERT_NONE
kwargs['sslContext'] = context kwargs['sslContext'] = context