From aa01d9d243c18f2d6ede9357e25d9b64afec55df Mon Sep 17 00:00:00 2001 From: Fabian von Feilitzsch Date: Mon, 10 Sep 2018 15:30:59 -0400 Subject: [PATCH] Set defaults from params after loading files, allowing params to override (#44142) * Set defaults from params after loading files, allowing params to override * cleanup, add some comments --- lib/ansible/module_utils/k8s/common.py | 68 ++++++++++---------------- 1 file changed, 25 insertions(+), 43 deletions(-) diff --git a/lib/ansible/module_utils/k8s/common.py b/lib/ansible/module_utils/k8s/common.py index 3788a4e2a9..ae82f32370 100644 --- a/lib/ansible/module_utils/k8s/common.py +++ b/lib/ansible/module_utils/k8s/common.py @@ -139,57 +139,39 @@ class K8sAnsibleMixin(object): auth_params = auth_params or getattr(self, 'params', {}) auth = copy.deepcopy(auth_params) - configuration = kubernetes.client.Configuration() + # If authorization variables aren't defined, look for them in environment variables for key, value in iteritems(auth_params): + if key in auth_args and value is None: + env_value = os.getenv('K8S_AUTH_{0}'.format(key.upper()), None) + if env_value is not None: + auth[key] = env_value + + def auth_set(*names): + return all([auth.get(name) for name in names]) + + if auth_set('username', 'password', 'host') or auth_set('api_key', 'host'): + # We have enough in the parameters to authenticate, no need to load incluster or kubeconfig + pass + elif auth_set('kubeconfig', 'context'): + kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context')) + else: + # First try to do incluster config, then kubeconfig + try: + kubernetes.config.load_incluster_config() + except kubernetes.config.ConfigException: + kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context')) + + # Override any values in the default configuration with Ansible parameters + configuration = kubernetes.client.Configuration() + for key, value in iteritems(auth): if key in auth_args and value is not None: if key == 'api_key': setattr(configuration, key, {'authorization': "Bearer {0}".format(value)}) else: setattr(configuration, key, value) - elif key in auth_args and value is None: - env_value = os.getenv('K8S_AUTH_{0}'.format(key.upper()), None) - if env_value is not None: - if key == 'api_key': - setattr(configuration, key, {'authorization': "Bearer {0}".format(env_value)}) - else: - setattr(configuration, key, env_value) - auth[key] = env_value kubernetes.client.Configuration.set_default(configuration) - - if auth.get('username') and auth.get('password') and auth.get('host'): - auth_method = 'params' - elif auth.get('api_key') and auth.get('host'): - auth_method = 'params' - elif auth.get('kubeconfig') or auth.get('context'): - auth_method = 'file' - else: - auth_method = 'default' - - # First try to do incluster config, then kubeconfig - if auth_method == 'default': - try: - kubernetes.config.load_incluster_config() - return DynamicClient(kubernetes.client.ApiClient()) - except kubernetes.config.ConfigException: - return DynamicClient(self.client_from_kubeconfig(auth.get('kubeconfig'), auth.get('context'))) - - if auth_method == 'file': - return DynamicClient(self.client_from_kubeconfig(auth.get('kubeconfig'), auth.get('context'))) - - if auth_method == 'params': - return DynamicClient(kubernetes.client.ApiClient(configuration)) - - def client_from_kubeconfig(self, config_file, context): - try: - return kubernetes.config.new_client_from_config(config_file, context) - except (IOError, kubernetes.config.ConfigException): - # If we failed to load the default config file then we'll return - # an empty configuration - # If one was specified, we will crash - if not config_file: - return kubernetes.client.ApiClient() - raise + return DynamicClient(kubernetes.client.ApiClient(configuration)) def find_resource(self, kind, api_version, fail=False): for attribute in ['kind', 'name', 'singular_name']: