mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
vmware_inventory: Make the ceritifate check default, and create a config option (#17830)
Fixes #17811
This commit is contained in:
parent
c157c47802
commit
8095c3951a
2 changed files with 14 additions and 10 deletions
|
@ -14,6 +14,9 @@ username=administrator@vsphere.local
|
||||||
# The password for the vsphere API
|
# The password for the vsphere API
|
||||||
password=vmware
|
password=vmware
|
||||||
|
|
||||||
|
# Verify the server's SSL certificate
|
||||||
|
#validate_certs = True
|
||||||
|
|
||||||
# Specify the number of seconds to use the inventory cache before it is
|
# Specify the number of seconds to use the inventory cache before it is
|
||||||
# considered stale. If not defined, defaults to 0 seconds.
|
# considered stale. If not defined, defaults to 0 seconds.
|
||||||
#cache_max_age = 3600
|
#cache_max_age = 3600
|
||||||
|
|
|
@ -186,6 +186,7 @@ class VMWareInventory(object):
|
||||||
'port': 443,
|
'port': 443,
|
||||||
'username': '',
|
'username': '',
|
||||||
'password': '',
|
'password': '',
|
||||||
|
'validate_certs': True,
|
||||||
'ini_path': os.path.join(os.path.dirname(__file__), '%s.ini' % scriptbasename),
|
'ini_path': os.path.join(os.path.dirname(__file__), '%s.ini' % scriptbasename),
|
||||||
'cache_name': 'ansible-vmware',
|
'cache_name': 'ansible-vmware',
|
||||||
'cache_path': '~/.ansible/tmp',
|
'cache_path': '~/.ansible/tmp',
|
||||||
|
@ -228,6 +229,11 @@ class VMWareInventory(object):
|
||||||
self.port = int(os.environ.get('VMWARE_PORT', config.get('vmware', 'port')))
|
self.port = int(os.environ.get('VMWARE_PORT', config.get('vmware', 'port')))
|
||||||
self.username = os.environ.get('VMWARE_USERNAME', config.get('vmware', 'username'))
|
self.username = os.environ.get('VMWARE_USERNAME', config.get('vmware', 'username'))
|
||||||
self.password = os.environ.get('VMWARE_PASSWORD', config.get('vmware', 'password'))
|
self.password = os.environ.get('VMWARE_PASSWORD', config.get('vmware', 'password'))
|
||||||
|
self.validate_certs = os.environ.get('VMWARE_VALIDATE_CERTS', config.get('vmware', 'validate_certs'))
|
||||||
|
if self.validate_certs in ['no', 'false', 'False', False]:
|
||||||
|
self.validate_certs = False
|
||||||
|
else:
|
||||||
|
self.validate_certs = True
|
||||||
|
|
||||||
# behavior control
|
# behavior control
|
||||||
self.maxlevel = int(config.get('vmware', 'max_object_level'))
|
self.maxlevel = int(config.get('vmware', 'max_object_level'))
|
||||||
|
@ -270,17 +276,12 @@ class VMWareInventory(object):
|
||||||
instances = []
|
instances = []
|
||||||
|
|
||||||
kwargs = {'host': self.server,
|
kwargs = {'host': self.server,
|
||||||
'user': self.username,
|
'user': self.username,
|
||||||
'pwd': self.password,
|
'pwd': self.password,
|
||||||
'port': int(self.port) }
|
'port': int(self.port) }
|
||||||
|
|
||||||
if hasattr(ssl, 'SSLContext'):
|
if hasattr(ssl, 'SSLContext') and not self.validate_certs:
|
||||||
# older ssl libs do not have an SSLContext method:
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||||
# context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
|
|
||||||
# AttributeError: 'module' object has no attribute 'SSLContext'
|
|
||||||
# older pyvmomi version also do not have an sslcontext kwarg:
|
|
||||||
# https://github.com/vmware/pyvmomi/commit/92c1de5056be7c5390ac2a28eb08ad939a4b7cdd
|
|
||||||
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
|
|
||||||
context.verify_mode = ssl.CERT_NONE
|
context.verify_mode = ssl.CERT_NONE
|
||||||
kwargs['sslContext'] = context
|
kwargs['sslContext'] = context
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue