From a409f8fc2fcfcc36a942f6b50b0e225c4d2db74c Mon Sep 17 00:00:00 2001 From: Gilbert Gilb's Date: Sat, 18 May 2024 15:42:11 +0200 Subject: [PATCH] feat(gandi_livedns): support personal access tokens (#8337) * fix(gandi_livedns): fix unsafe conditionals in tests * feat(gandi_livedns): support personal access tokens Fixes #7639 --- ...90-gandi-livedns-personal-access-token.yml | 2 + plugins/module_utils/gandi_livedns_api.py | 8 +++- plugins/modules/gandi_livedns.py | 37 ++++++++++++++++--- .../gandi_livedns/tasks/create_record.yml | 25 +++++++++---- .../gandi_livedns/tasks/update_record.yml | 24 ++++++------ 5 files changed, 69 insertions(+), 27 deletions(-) create mode 100644 changelogs/fragments/8290-gandi-livedns-personal-access-token.yml diff --git a/changelogs/fragments/8290-gandi-livedns-personal-access-token.yml b/changelogs/fragments/8290-gandi-livedns-personal-access-token.yml new file mode 100644 index 0000000000..3168bf20fd --- /dev/null +++ b/changelogs/fragments/8290-gandi-livedns-personal-access-token.yml @@ -0,0 +1,2 @@ +minor_changes: + - gandi_livedns - adds support for personal access tokens (https://github.com/ansible-collections/community.general/issues/7639, https://github.com/ansible-collections/community.general/pull/8337). diff --git a/plugins/module_utils/gandi_livedns_api.py b/plugins/module_utils/gandi_livedns_api.py index 53245d44d0..824fea46e7 100644 --- a/plugins/module_utils/gandi_livedns_api.py +++ b/plugins/module_utils/gandi_livedns_api.py @@ -33,6 +33,7 @@ class GandiLiveDNSAPI(object): def __init__(self, module): self.module = module self.api_key = module.params['api_key'] + self.personal_access_token = module.params['personal_access_token'] def _build_error_message(self, module, info): s = '' @@ -50,7 +51,12 @@ class GandiLiveDNSAPI(object): return s def _gandi_api_call(self, api_call, method='GET', payload=None, error_on_404=True): - headers = {'Authorization': 'Apikey {0}'.format(self.api_key), + authorization_header = ( + 'Bearer {0}'.format(self.personal_access_token) + if self.personal_access_token + else 'Apikey {0}'.format(self.api_key) + ) + headers = {'Authorization': authorization_header, 'Content-Type': 'application/json'} data = None if payload: diff --git a/plugins/modules/gandi_livedns.py b/plugins/modules/gandi_livedns.py index fdb7993a5e..ad2e96fd15 100644 --- a/plugins/modules/gandi_livedns.py +++ b/plugins/modules/gandi_livedns.py @@ -25,11 +25,19 @@ attributes: diff_mode: support: none options: + personal_access_token: + description: + - Scoped API token. + - One of O(personal_access_token) and O(api_key) must be specified. + type: str + version_added: 9.0.0 api_key: description: - Account API token. + - Note that these type of keys are deprecated and might stop working at some point. + Use personal access tokens instead. + - One of O(personal_access_token) and O(api_key) must be specified. type: str - required: true record: description: - Record to add. @@ -73,7 +81,7 @@ EXAMPLES = r''' values: - 127.0.0.1 ttl: 7200 - api_key: dummyapitoken + personal_access_token: dummytoken register: record - name: Create a mail CNAME record to www.my.com domain @@ -84,7 +92,7 @@ EXAMPLES = r''' values: - www ttl: 7200 - api_key: dummyapitoken + personal_access_token: dummytoken state: present - name: Change its TTL @@ -95,7 +103,7 @@ EXAMPLES = r''' values: - www ttl: 10800 - api_key: dummyapitoken + personal_access_token: dummytoken state: present - name: Delete the record @@ -103,8 +111,18 @@ EXAMPLES = r''' domain: my.com type: CNAME record: mail - api_key: dummyapitoken + personal_access_token: dummytoken state: absent + +- name: Use a (deprecated) API Key + community.general.gandi_livedns: + domain: my.com + record: test + type: A + values: + - 127.0.0.1 + ttl: 7200 + api_key: dummyapikey ''' RETURN = r''' @@ -151,7 +169,8 @@ from ansible_collections.community.general.plugins.module_utils.gandi_livedns_ap def main(): module = AnsibleModule( argument_spec=dict( - api_key=dict(type='str', required=True, no_log=True), + api_key=dict(type='str', no_log=True), + personal_access_token=dict(type='str', no_log=True), record=dict(type='str', required=True), state=dict(type='str', default='present', choices=['absent', 'present']), ttl=dict(type='int'), @@ -163,6 +182,12 @@ def main(): required_if=[ ('state', 'present', ['values', 'ttl']), ], + mutually_exclusive=[ + ('api_key', 'personal_access_token'), + ], + required_one_of=[ + ('api_key', 'personal_access_token'), + ], ) gandi_api = GandiLiveDNSAPI(module) diff --git a/tests/integration/targets/gandi_livedns/tasks/create_record.yml b/tests/integration/targets/gandi_livedns/tasks/create_record.yml index c3f1c17981..87056aa865 100644 --- a/tests/integration/targets/gandi_livedns/tasks/create_record.yml +++ b/tests/integration/targets/gandi_livedns/tasks/create_record.yml @@ -45,10 +45,10 @@ assert: that: - result is changed - - result.record['values'] == {{ item['values'] }} - - result.record.record == "{{ item.record }}" - - result.record.type == "{{ item.type }}" - - result.record.ttl == {{ item.ttl }} + - result.record['values'] == item['values'] + - result.record.record == item.record + - result.record.type == item.type + - result.record.ttl == item.ttl - name: test create a dns record idempotence community.general.gandi_livedns: @@ -63,7 +63,16 @@ assert: that: - result is not changed - - result.record['values'] == {{ item['values'] }} - - result.record.record == "{{ item.record }}" - - result.record.type == "{{ item.type }}" - - result.record.ttl == {{ item.ttl }} + - result.record['values'] == item['values'] + - result.record.record == item.record + - result.record.type == item.type + - result.record.ttl == item.ttl + +- name: test create a DNS record with personal access token + community.general.gandi_livedns: + personal_access_token: "{{ gandi_personal_access_token }}" + record: "{{ item.record }}" + domain: "{{ gandi_livedns_domain_name }}" + values: "{{ item['values'] }}" + ttl: "{{ item.ttl }}" + type: "{{ item.type }}" diff --git a/tests/integration/targets/gandi_livedns/tasks/update_record.yml b/tests/integration/targets/gandi_livedns/tasks/update_record.yml index a080560a75..5f19bfa244 100644 --- a/tests/integration/targets/gandi_livedns/tasks/update_record.yml +++ b/tests/integration/targets/gandi_livedns/tasks/update_record.yml @@ -17,10 +17,10 @@ assert: that: - result is changed - - result.record['values'] == {{ item.update_values | default(item['values']) }} - - result.record.record == "{{ item.record }}" - - result.record.type == "{{ item.type }}" - - result.record.ttl == {{ item.update_ttl | default(item.ttl) }} + - result.record['values'] == (item.update_values | default(item['values'])) + - result.record.record == item.record + - result.record.type == item.type + - result.record.ttl == (item.update_ttl | default(item.ttl)) - name: test update or add another dns record community.general.gandi_livedns: @@ -35,10 +35,10 @@ assert: that: - result is changed - - result.record['values'] == {{ item.update_values | default(item['values']) }} - - result.record.record == "{{ item.record }}" - - result.record.ttl == {{ item.update_ttl | default(item.ttl) }} - - result.record.type == "{{ item.type }}" + - result.record['values'] == (item.update_values | default(item['values'])) + - result.record.record == item.record + - result.record.ttl == (item.update_ttl | default(item.ttl)) + - result.record.type == item.type - name: test update or add another dns record idempotence community.general.gandi_livedns: @@ -53,7 +53,7 @@ assert: that: - result is not changed - - result.record['values'] == {{ item.update_values | default(item['values']) }} - - result.record.record == "{{ item.record }}" - - result.record.ttl == {{ item.update_ttl | default(item.ttl) }} - - result.record.type == "{{ item.type }}" + - result.record['values'] == (item.update_values | default(item['values'])) + - result.record.record == item.record + - result.record.ttl == (item.update_ttl | default(item.ttl)) + - result.record.type == item.type