From 9a2b2200050279dca107f42addf3083e61628e7b Mon Sep 17 00:00:00 2001 From: Ondra Machacek Date: Fri, 30 Dec 2016 18:24:05 +0100 Subject: [PATCH] ovirt: get default auth/connection params from environment vars (#19385) * cloud: ovirt: add possibility specify auth params in env vars * module_utils: ovirt: fix pep8 issues --- lib/ansible/module_utils/ovirt.py | 35 ++++++++++++++++--- lib/ansible/modules/cloud/ovirt/ovirt_vms.py | 2 +- .../utils/module_docs_fragments/ovirt.py | 10 +++--- .../module_docs_fragments/ovirt_facts.py | 10 +++--- 4 files changed, 42 insertions(+), 15 deletions(-) diff --git a/lib/ansible/module_utils/ovirt.py b/lib/ansible/module_utils/ovirt.py index 7449c64d42..e044b878f2 100644 --- a/lib/ansible/module_utils/ovirt.py +++ b/lib/ansible/module_utils/ovirt.py @@ -19,6 +19,7 @@ # import inspect +import os import time from abc import ABCMeta, abstractmethod @@ -28,7 +29,6 @@ from enum import Enum try: import ovirtsdk4 as sdk - import ovirtsdk4.types as otypes import ovirtsdk4.version as sdk_version HAS_SDK = LooseVersion(sdk_version.VERSION) >= LooseVersion('4.0.0') except ImportError: @@ -126,6 +126,7 @@ def create_connection(auth): kerberos=auth.get('kerberos', None), ) + def convert_to_bytes(param): """ This method convert units to bytes, which follow IEC standard. @@ -209,7 +210,7 @@ def search_by_attributes(service, **kwargs): else: res = [ e for e in service.list() if len([ - k for k, v in kwargs.items() if getattr(e, k, None) == v + k for k, v in kwargs.items() if getattr(e, k, None) == v ]) == len(kwargs) ] @@ -279,6 +280,32 @@ def wait( time.sleep(float(poll_interval)) +def __get_auth_dict(): + OVIRT_URL = os.environ.get('OVIRT_URL') + OVIRT_USERNAME = os.environ.get('OVIRT_USERNAME') + OVIRT_PASSWORD = os.environ.get('OVIRT_PASSWORD') + OVIRT_TOKEN = os.environ.get('OVIRT_TOKEN') + OVIRT_CAFILE = os.environ.get('OVIRT_CAFILE') + OVIRT_INSECURE = OVIRT_CAFILE is None + + env_vars = None + if OVIRT_URL and ((OVIRT_USERNAME and OVIRT_PASSWORD) or OVIRT_TOKEN): + env_vars = { + 'url': OVIRT_URL, + 'username': OVIRT_USERNAME, + 'password': OVIRT_PASSWORD, + 'insecure': OVIRT_INSECURE, + 'token': OVIRT_TOKEN, + 'ca_file': OVIRT_CAFILE, + } + if env_vars is not None: + auth = dict(default=env_vars, type='dict') + else: + auth = dict(required=True, type='dict') + + return auth + + def ovirt_facts_full_argument_spec(**kwargs): """ Extend parameters of facts module with parameters which are common to all @@ -288,7 +315,7 @@ def ovirt_facts_full_argument_spec(**kwargs): :return: extended dictionary with common parameters """ spec = dict( - auth=dict(required=True, type='dict'), + auth=__get_auth_dict(), fetch_nested=dict(default=False, type='bool'), nested_attributes=dict(type='list'), ) @@ -304,7 +331,7 @@ def ovirt_full_argument_spec(**kwargs): :return: extended dictionary with common parameters """ spec = dict( - auth=dict(required=True, type='dict'), + auth=__get_auth_dict(), timeout=dict(default=180, type='int'), wait=dict(default=True, type='bool'), poll_interval=dict(default=3, type='int'), diff --git a/lib/ansible/modules/cloud/ovirt/ovirt_vms.py b/lib/ansible/modules/cloud/ovirt/ovirt_vms.py index 59da64e195..fe2a765e03 100644 --- a/lib/ansible/modules/cloud/ovirt/ovirt_vms.py +++ b/lib/ansible/modules/cloud/ovirt/ovirt_vms.py @@ -719,7 +719,7 @@ def control_state(vm, vms_service, module): vm.status == otypes.VmStatus.UNKNOWN ): # Invalid states: - module.fail_json("Not possible to control VM, if it's in '{}' status".format(vm.status)) + module.fail_json(msg="Not possible to control VM, if it's in '{}' status".format(vm.status)) elif vm.status == otypes.VmStatus.POWERING_DOWN: if (force and state == 'stopped') or state == 'absent': vm_service.stop() diff --git a/lib/ansible/utils/module_docs_fragments/ovirt.py b/lib/ansible/utils/module_docs_fragments/ovirt.py index 37af795d83..d469ef83c1 100644 --- a/lib/ansible/utils/module_docs_fragments/ovirt.py +++ b/lib/ansible/utils/module_docs_fragments/ovirt.py @@ -41,17 +41,17 @@ options: required: True description: - "Dictionary with values needed to create HTTP/HTTPS connection to oVirt:" - - "C(username)[I(required)] - The name of the user, something like `I(admin@internal)`." - - "C(password)[I(required)] - The password of the user." + - "C(username)[I(required)] - The name of the user, something like `I(admin@internal)`. Default value is set by I(OVIRT_USERNAME) environment variable." + - "C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable." - "C(url)[I(required)] - A string containing the base URL of the server, usually - something like `I(https://server.example.com/ovirt-engine/api)`." - - "C(token) - Token to be used instead of login with username/password." + something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable." + - "C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable." - "C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked." - "C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide - CA certificate store is used." + CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable." - "C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication." timeout: diff --git a/lib/ansible/utils/module_docs_fragments/ovirt_facts.py b/lib/ansible/utils/module_docs_fragments/ovirt_facts.py index 571ae6ca20..6fc690589d 100644 --- a/lib/ansible/utils/module_docs_fragments/ovirt_facts.py +++ b/lib/ansible/utils/module_docs_fragments/ovirt_facts.py @@ -38,17 +38,17 @@ options: required: True description: - "Dictionary with values needed to create HTTP/HTTPS connection to oVirt:" - - "C(username)[I(required)] - The name of the user, something like `I(admin@internal)`." - - "C(password)[I(required)] - The password of the user." + - "C(username)[I(required)] - The name of the user, something like `I(admin@internal)`. Default value is set by I(OVIRT_USERNAME) environment variable." + - "C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable." - "C(url)[I(required)] - A string containing the base URL of the server, usually - something like `I(https://server.example.com/ovirt-engine/api)`." - - "C(token) - Token to be used instead of login with username/password." + something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable." + - "C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable." - "C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked." - "C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide - CA certificate store is used." + CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable." - "C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication." requirements: