internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-05-06 21:33:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor and extend argument spec helper, use for ACME modules (#749)

Browse Source 
* Refactor argument spec helper.

* Remove superfluous comments.
This commit is contained in:
Felix Fontein
2024-05-05 11:42:42 +02:00
committed by GitHub
parent f82b335916
commit f3c9cb7a8a
16 changed files with 166 additions and 121 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
plugins/modules/acme_account.py
View File

@@ -170,11 +170,9 @@ account_uri:
import base64
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -189,8 +187,8 @@ from ansible_collections.community.crypto.plugins.module_utils.acme.errors impor
def main():
argument_spec = get_default_argspec()
argument_spec.update(dict(
argument_spec = create_default_argspec()
argument_spec.update_argspec(
terms_agreed=dict(type='bool', default=False),
state=dict(type='str', required=True, choices=['absent', 'present', 'changed_key']),
allow_creation=dict(type='bool', default=True),
@@ -203,14 +201,9 @@ def main():
alg=dict(type='str', required=True, choices=['HS256', 'HS384', 'HS512']),
key=dict(type='str', required=True, no_log=True),
))
))
module = AnsibleModule(
argument_spec=argument_spec,
required_one_of=(
['account_key_src', 'account_key_content'],
),
)
argument_spec.update(
mutually_exclusive=(
['account_key_src', 'account_key_content'],
['new_account_key_src', 'new_account_key_content'],
),
required_if=(
@@ -218,8 +211,8 @@ def main():
# new_account_key_src and new_account_key_content are specified
['state', 'changed_key', ['new_account_key_src', 'new_account_key_content'], True],
),
supports_check_mode=True,
)
module = argument_spec.create_ansible_module(supports_check_mode=True)
backend = create_backend(module, True)
if module.params['external_account_binding']:

19
plugins/modules/acme_account_info.py
View File

@@ -214,11 +214,9 @@ order_uris:
version_added: 1.5.0
'''
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -271,20 +269,11 @@ def get_order(client, order_url):
def main():
argument_spec = get_default_argspec()
argument_spec.update(dict(
argument_spec = create_default_argspec()
argument_spec.update_argspec(
retrieve_orders=dict(type='str', default='ignore', choices=['ignore', 'url_list', 'object_list']),
))
module = AnsibleModule(
argument_spec=argument_spec,
required_one_of=(
['account_key_src', 'account_key_content'],
),
mutually_exclusive=(
['account_key_src', 'account_key_content'],
),
supports_check_mode=True,
)
module = argument_spec.create_ansible_module(supports_check_mode=True)
backend = create_backend(module, True)
try:

15
plugins/modules/acme_ari_info.py
View File

@@ -98,11 +98,9 @@ renewal_info:
sample: '2024-04-29T01:17:10.236921+00:00'
'''
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -110,21 +108,20 @@ from ansible_collections.community.crypto.plugins.module_utils.acme.errors impor
def main():
argument_spec = get_default_argspec(with_account=False)
argument_spec.update(dict(
argument_spec = create_default_argspec(with_account=False)
argument_spec.update_argspec(
certificate_path=dict(type='path'),
certificate_content=dict(type='str'),
))
module = AnsibleModule(
argument_spec=argument_spec,
)
argument_spec.update(
required_one_of=(
['certificate_path', 'certificate_content'],
),
mutually_exclusive=(
['certificate_path', 'certificate_content'],
),
supports_check_mode=True,
)
module = argument_spec.create_ansible_module(supports_check_mode=True)
backend = create_backend(module, True)
try:

17
plugins/modules/acme_certificate.py
View File

@@ -592,11 +592,9 @@ all_chains:
import os
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -922,8 +920,8 @@ class ACMECertificateClient(object):
def main():
argument_spec = get_default_argspec()
argument_spec.update(dict(
argument_spec = create_default_argspec()
argument_spec.update_argspec(
modify_account=dict(type='bool', default=True),
account_email=dict(type='str'),
agreement=dict(type='str'),
@@ -947,20 +945,17 @@ def main():
authority_key_identifier=dict(type='str'),
)),
include_renewal_cert_id=dict(type='str', choices=['never', 'when_ari_supported', 'always'], default='never'),
))
module = AnsibleModule(
argument_spec=argument_spec,
)
argument_spec.update(
required_one_of=(
['account_key_src', 'account_key_content'],
['dest', 'fullchain_dest'],
['csr', 'csr_content'],
),
mutually_exclusive=(
['account_key_src', 'account_key_content'],
['csr', 'csr_content'],
),
supports_check_mode=True,
)
module = argument_spec.create_ansible_module(supports_check_mode=True)
backend = create_backend(module, False)
try:

19
plugins/modules/acme_certificate_deactivate_authz.py
View File

@@ -54,11 +54,9 @@ EXAMPLES = r'''
RETURN = '''#'''
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -76,20 +74,11 @@ from ansible_collections.community.crypto.plugins.module_utils.acme.orders impor
def main():
argument_spec = get_default_argspec()
argument_spec.update(dict(
argument_spec = create_default_argspec()
argument_spec.update_argspec(
order_uri=dict(type='str', required=True),
))
module = AnsibleModule(
argument_spec=argument_spec,
required_one_of=(
['account_key_src', 'account_key_content'],
),
mutually_exclusive=(
['account_key_src', 'account_key_content'],
),
supports_check_mode=True,
)
module = argument_spec.create_ansible_module(supports_check_mode=True)
if module.params['acme_version'] == 1:
module.fail_json('The module does not support acme_version=1')

17
plugins/modules/acme_certificate_renewal_info.py
View File

@@ -131,11 +131,9 @@ cert_id:
import os
import random
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -145,8 +143,8 @@ from ansible_collections.community.crypto.plugins.module_utils.acme.utils import
def main():
argument_spec = get_default_argspec(with_account=False)
argument_spec.update(dict(
argument_spec = create_default_argspec(with_account=False)
argument_spec.update_argspec(
certificate_path=dict(type='path'),
certificate_content=dict(type='str'),
use_ari=dict(type='bool', default=True),
@@ -154,14 +152,13 @@ def main():
remaining_days=dict(type='int'),
remaining_percentage=dict(type='float'),
now=dict(type='str'),
))
module = AnsibleModule(
argument_spec=argument_spec,
)
argument_spec.update(
mutually_exclusive=(
['certificate_path', 'certificate_content'],
),
supports_check_mode=True,
)
module = argument_spec.create_ansible_module(supports_check_mode=True)
backend = create_backend(module, True)
result = dict(
@@ -223,13 +220,11 @@ def main():
),
)
# TODO check remaining_days
if module.params['remaining_days'] is not None:
remaining_days = (cert_info.not_valid_after - now).days
if remaining_days < module.params['remaining_days']:
complete(True, msg='The certificate expires in {0} days'.format(remaining_days))
# TODO check remaining_percentage
if module.params['remaining_percentage'] is not None:
timestamp = backend.interpolate_timestamp(cert_info.not_valid_before, cert_info.not_valid_after, 1 - module.params['remaining_percentage'])
if timestamp < now:

15
plugins/modules/acme_certificate_revoke.py
View File

@@ -128,11 +128,9 @@ EXAMPLES = '''
RETURN = '''#'''
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -153,24 +151,23 @@ from ansible_collections.community.crypto.plugins.module_utils.acme.utils import
def main():
argument_spec = get_default_argspec()
argument_spec.update(dict(
argument_spec = create_default_argspec(require_account_key=False)
argument_spec.update_argspec(
private_key_src=dict(type='path'),
private_key_content=dict(type='str', no_log=True),
private_key_passphrase=dict(type='str', no_log=True),
certificate=dict(type='path', required=True),
revoke_reason=dict(type='int'),
))
module = AnsibleModule(
argument_spec=argument_spec,
)
argument_spec.update(
required_one_of=(
['account_key_src', 'account_key_content', 'private_key_src', 'private_key_content'],
),
mutually_exclusive=(
['account_key_src', 'account_key_content', 'private_key_src', 'private_key_content'],
),
supports_check_mode=False,
)
module = argument_spec.create_ansible_module()
backend = create_backend(module, False)
try:

16
plugins/modules/acme_inspect.py
View File

@@ -248,12 +248,11 @@ output_json:
- ...
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.common.text.converters import to_native, to_bytes, to_text
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
create_backend,
get_default_argspec,
create_default_argspec,
ACMEClient,
)
@@ -264,18 +263,14 @@ from ansible_collections.community.crypto.plugins.module_utils.acme.errors impor
def main():
argument_spec = get_default_argspec()
argument_spec.update(dict(
argument_spec = create_default_argspec(require_account_key=False)
argument_spec.update_argspec(
url=dict(type='str'),
method=dict(type='str', choices=['get', 'post', 'directory-only'], default='get'),
content=dict(type='str'),
fail_on_acme_error=dict(type='bool', default=True),
))
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=(
['account_key_src', 'account_key_content'],
),
)
argument_spec.update(
required_if=(
['method', 'get', ['url']],
['method', 'post', ['url', 'content']],
@@ -283,6 +278,7 @@ def main():
['method', 'post', ['account_key_src', 'account_key_content'], True],
),
)
module = argument_spec.create_ansible_module()
backend = create_backend(module, False)
result = dict()