mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
2d26fba0b9
Consul implement agent service and check (#7989)
* Implement agent service and check (#7987)
* implement update of service and check
* update tests
update documentation
* update documentation
* add consul_agent_check/service to action_groups
check if unique_identifier of name is in params to get object
add suggested improvements
* update sanity
* fix sanity issues
update documentation
* fix naming
* fix naming
check if response_data has data
* fix sanity extra-docs
* add as ignore maintainer in BOTMETA.yml
update version_added to 8.4
* fix sanity
* add to maintainers
* Update plugins/modules/consul_agent_check.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/consul_agent_check.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/consul_agent_check.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* update version_added
* if create and update return no object as result we read the object again
* get_first_appearing_identifier check the params for the given identifier and return it to simplify id vs name
* add unique_identifiers as a new property and a method to decide which identifier should be used
* fix sanity
* add self to team consul
remove params with no values
add operational_attributes that inherited classes can set them
get identifier value from object
* fix sanity
fix test
* remove the possibility to add checks with consul_agent_check.
check if service has changed
* remove tests for idempotency check because for checks it is not possible
* remove unique_identifier from consul.py
change unique_identifier to unique_identifiers
* get id from params
* Revert "remove unique_identifier from consul.py"
This reverts commit a4f0d0220dd23e95871914b152c25ff352097a2c.
* update version to 8.5
* Revert "Revert "remove unique_identifier from consul.py""
This reverts commit d2c35cf04c8aaf5f0175d772f862a796e22e35d4.
* update description
update test
* fix sanity tests
* fix sanity tests
* update documentation for agent_check
* fix line length
* add documentation
* fix sanity
* simplified check for Tcp
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* check duration with regex
* fix
* update documentation
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
(cherry picked from commit 03966624ba
)
Co-authored-by: Ilgmi <michael.ilg@mailbox.org>
166 lines
4.1 KiB
Python
166 lines
4.1 KiB
Python
#!/usr/bin/python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
# Copyright (c) 2022, Håkon Lerring
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
from __future__ import absolute_import, division, print_function
|
|
|
|
__metaclass__ = type
|
|
|
|
DOCUMENTATION = """
|
|
module: consul_policy
|
|
short_description: Manipulate Consul policies
|
|
version_added: 7.2.0
|
|
description:
|
|
- Allows the addition, modification and deletion of policies in a consul
|
|
cluster via the agent. For more details on using and configuring ACLs,
|
|
see U(https://www.consul.io/docs/guides/acl.html).
|
|
author:
|
|
- Håkon Lerring (@Hakon)
|
|
extends_documentation_fragment:
|
|
- community.general.consul
|
|
- community.general.consul.actiongroup_consul
|
|
- community.general.consul.token
|
|
- community.general.attributes
|
|
attributes:
|
|
check_mode:
|
|
support: full
|
|
version_added: 8.3.0
|
|
diff_mode:
|
|
support: partial
|
|
version_added: 8.3.0
|
|
details:
|
|
- In check mode the diff will miss operational attributes.
|
|
action_group:
|
|
version_added: 8.3.0
|
|
options:
|
|
state:
|
|
description:
|
|
- Whether the policy should be present or absent.
|
|
choices: ['present', 'absent']
|
|
default: present
|
|
type: str
|
|
valid_datacenters:
|
|
description:
|
|
- Valid datacenters for the policy. All if list is empty.
|
|
type: list
|
|
elements: str
|
|
name:
|
|
description:
|
|
- The name that should be associated with the policy, this is opaque
|
|
to Consul.
|
|
required: true
|
|
type: str
|
|
description:
|
|
description:
|
|
- Description of the policy.
|
|
type: str
|
|
rules:
|
|
type: str
|
|
description:
|
|
- Rule document that should be associated with the current policy.
|
|
"""
|
|
|
|
EXAMPLES = """
|
|
- name: Create a policy with rules
|
|
community.general.consul_policy:
|
|
host: consul1.example.com
|
|
token: some_management_acl
|
|
name: foo-access
|
|
rules: |
|
|
key "foo" {
|
|
policy = "read"
|
|
}
|
|
key "private/foo" {
|
|
policy = "deny"
|
|
}
|
|
|
|
- name: Update the rules associated to a policy
|
|
community.general.consul_policy:
|
|
host: consul1.example.com
|
|
token: some_management_acl
|
|
name: foo-access
|
|
rules: |
|
|
key "foo" {
|
|
policy = "read"
|
|
}
|
|
key "private/foo" {
|
|
policy = "deny"
|
|
}
|
|
event "bbq" {
|
|
policy = "write"
|
|
}
|
|
|
|
- name: Remove a policy
|
|
community.general.consul_policy:
|
|
host: consul1.example.com
|
|
token: some_management_acl
|
|
name: foo-access
|
|
state: absent
|
|
"""
|
|
|
|
RETURN = """
|
|
policy:
|
|
description: The policy as returned by the consul HTTP API.
|
|
returned: always
|
|
type: dict
|
|
sample:
|
|
CreateIndex: 632
|
|
Description: Testing
|
|
Hash: rj5PeDHddHslkpW7Ij4OD6N4bbSXiecXFmiw2SYXg2A=
|
|
Name: foo-access
|
|
Rules: |-
|
|
key "foo" {
|
|
policy = "read"
|
|
}
|
|
key "private/foo" {
|
|
policy = "deny"
|
|
}
|
|
operation:
|
|
description: The operation performed.
|
|
returned: changed
|
|
type: str
|
|
sample: update
|
|
"""
|
|
|
|
from ansible.module_utils.basic import AnsibleModule
|
|
from ansible_collections.community.general.plugins.module_utils.consul import (
|
|
AUTH_ARGUMENTS_SPEC,
|
|
OPERATION_READ,
|
|
_ConsulModule,
|
|
)
|
|
|
|
_ARGUMENT_SPEC = {
|
|
"name": dict(required=True),
|
|
"description": dict(required=False, type="str"),
|
|
"rules": dict(type="str"),
|
|
"valid_datacenters": dict(type="list", elements="str"),
|
|
"state": dict(default="present", choices=["present", "absent"]),
|
|
}
|
|
_ARGUMENT_SPEC.update(AUTH_ARGUMENTS_SPEC)
|
|
|
|
|
|
class ConsulPolicyModule(_ConsulModule):
|
|
api_endpoint = "acl/policy"
|
|
result_key = "policy"
|
|
unique_identifiers = ["id"]
|
|
|
|
def endpoint_url(self, operation, identifier=None):
|
|
if operation == OPERATION_READ:
|
|
return [self.api_endpoint, "name", self.params["name"]]
|
|
return super(ConsulPolicyModule, self).endpoint_url(operation, identifier)
|
|
|
|
|
|
def main():
|
|
module = AnsibleModule(
|
|
_ARGUMENT_SPEC,
|
|
supports_check_mode=True,
|
|
)
|
|
consul_module = ConsulPolicyModule(module)
|
|
consul_module.execute()
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|