internet/community.okd
3
0
Fork 0
mirror of https://github.com/openshift/community.okd.git synced 2026-03-26 19:03:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove openshift inventory plugin (#252)

Browse Source 
* Remove openshift inventory plugin

This removes the openshift inventory plugin which has been deprecated
since version 3.0.0. The tests have been updated to retain coverage of
the connection plugin, which is still supported.

* Update version in Makefile

* CI fixes

* Update version info in build scripts

* Set ansible remote directory

The security policy on the pod is preventing ansible from writing to /.
Set it to /tmp which should be writable.
This commit is contained in:
Mike Graves
2025-05-05 11:55:22 -04:00
committed by GitHub
parent a3c3a69bbf
commit 93746f2392
7 changed files with 30 additions and 266 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@@ -1,7 +1,7 @@
.PHONY: molecule .PHONY: molecule
# Also needs to be updated in galaxy.yml # Also needs to be updated in galaxy.yml
VERSION = 4.0.1 VERSION = 6.0.0-dev0
SANITY_TEST_ARGS ?= --docker --color SANITY_TEST_ARGS ?= --docker --color
UNITS_TEST_ARGS ?= --docker --color UNITS_TEST_ARGS ?= --docker --color

2
ci/downstream.sh
View File

@@ -9,7 +9,7 @@
# - All functions are prefixed with f_ so it's obvious where they come # - All functions are prefixed with f_ so it's obvious where they come
# from when in use throughout the script # from when in use throughout the script
DOWNSTREAM_VERSION="4.0.1" DOWNSTREAM_VERSION="6.0.0-dev0"
KEEP_DOWNSTREAM_TMPDIR="${KEEP_DOWNSTREAM_TMPDIR:-''}" KEEP_DOWNSTREAM_TMPDIR="${KEEP_DOWNSTREAM_TMPDIR:-''}"
INSTALL_DOWNSTREAM_COLLECTION_PATH="${INSTALL_DOWNSTREAM_COLLECTION_PATH:-}" INSTALL_DOWNSTREAM_COLLECTION_PATH="${INSTALL_DOWNSTREAM_COLLECTION_PATH:-}"
_build_dir="" _build_dir=""

2
galaxy.yml
View File

@@ -24,4 +24,4 @@ tags:
- okd - okd
- cluster - cluster
# Also needs to be updated in the Makefile # Also needs to be updated in the Makefile
version: 4.0.1 version: 6.0.0-dev0

5
meta/runtime.yml
View File

@@ -19,11 +19,10 @@ plugin_routing:
redirect: community.okd.openshift_auth redirect: community.okd.openshift_auth
inventory: inventory:
openshift: openshift:
deprecation: tombstone:
removal_version: 5.0.0 removal_version: 5.0.0
warning_text: >- warning_text: >-
The openshift inventory plugin has been deprecated and Use kubernetes.core.k8s_info and ansible.builtin.add_host instead.
will be removed in release 5.0.0.
action: action:
k8s: k8s:
redirect: kubernetes.core.k8s_info redirect: kubernetes.core.k8s_info

5
molecule/default/molecule.yml
View File

@@ -14,12 +14,7 @@ provisioner:
log: true log: true
options: options:
vvv: True vvv: True
config_options:
inventory:
enable_plugins: community.okd.openshift
inventory: inventory:
hosts:
plugin: community.okd.openshift
host_vars: host_vars:
localhost: localhost:
virtualenv: ${MOLECULE_EPHEMERAL_DIRECTORY}/virtualenv virtualenv: ${MOLECULE_EPHEMERAL_DIRECTORY}/virtualenv

28
molecule/default/verify.yml
View File

@@ -1,9 +1,31 @@
--- ---
- name: Verify inventory and connection plugins - name: Create inventory of pods
# This group is created by the openshift_inventory plugin # We need to manually create the inventory of pods now that the inventory plugin has been removed
# It is automatically configured to use the `oc` connection plugin gather_facts: false
hosts: localhost
connection: local
tasks:
- name: Get pods
kubernetes.core.k8s_info:
kind: Pod
namespace: testing
register: pods
- name: Add pods to inventory
ansible.builtin.add_host:
name: "{{ item.metadata.name }}"
groups:
- namespace_testing_pods
ansible_oc_pod: "{{ item.metadata.name }}"
ansible_oc_namespace: "{{ item.metadata.namespace }}"
pod_phase: "{{ item.status.phase }}"
ansible_remote_tmp: /tmp/.ansible
loop: "{{ pods.resources }}"
- name: Verify connection plugin
hosts: namespace_testing_pods hosts: namespace_testing_pods
gather_facts: no gather_facts: no
connection: community.okd.oc
vars: vars:
file_content: | file_content: |
Hello world Hello world

252
plugins/inventory/openshift.py
View File

@@ -1,252 +0,0 @@
# Copyright (c) 2018 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = """
name: openshift
author:
- Chris Houseknecht (@chouseknecht)
short_description: OpenShift inventory source
description:
- Fetch containers, services and routes for one or more clusters
- Groups by cluster name, namespace, namespace_services, namespace_pods, namespace_routes, and labels
- Uses openshift.(yml|yaml) YAML configuration file to set parameter values.
deprecated:
removed_in: 5.0.0
why: |
As discussed in U(https://github.com/ansible-collections/kubernetes.core/issues/31), we decided to
remove the openshift inventory plugin in release 5.0.0.
alternative: "Use M(kubernetes.core.k8s_info) and M(ansible.builtin.add_host) instead."
options:
plugin:
description: token that ensures this is a source file for the 'openshift' plugin.
required: True
choices: ['openshift', 'community.okd.openshift']
connections:
description:
- Optional list of cluster connection settings. If no connections are provided, the default
I(~/.kube/config) and active context will be used, and objects will be returned for all namespaces
the active user is authorized to access.
suboptions:
name:
description:
- Optional name to assign to the cluster. If not provided, a name is constructed from the server
and port.
kubeconfig:
description:
- Path to an existing Kubernetes config file. If not provided, and no other connection
options are provided, the Kubernetes client will attempt to load the default
configuration file from I(~/.kube/config). Can also be specified via K8S_AUTH_KUBECONFIG
environment variable.
context:
description:
- The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment
variable.
host:
description:
- Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
api_key:
description:
- Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment
variable.
username:
description:
- Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME
environment variable.
password:
description:
- Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD
environment variable.
client_cert:
description:
- Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE
environment variable.
aliases: [ cert_file ]
client_key:
description:
- Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE
environment variable.
aliases: [ key_file ]
ca_cert:
description:
- Path to a CA certificate used to authenticate with the API. Can also be specified via
K8S_AUTH_SSL_CA_CERT environment variable.
aliases: [ ssl_ca_cert ]
validate_certs:
description:
- "Whether or not to verify the API server's SSL certificates. Can also be specified via
K8S_AUTH_VERIFY_SSL environment variable."
type: bool
aliases: [ verify_ssl ]
namespaces:
description:
- List of namespaces. If not specified, will fetch all containers for all namespaces user is authorized
to access.
requirements:
- "python >= 3.6"
- "kubernetes >= 12.0.0"
- "PyYAML >= 3.11"
"""
EXAMPLES = """
# File must be named openshift.yaml or openshift.yml
- name: Authenticate with token, and return all pods and services for all namespaces
plugin: community.okd.openshift
connections:
- host: https://192.168.64.4:8443
api_key: xxxxxxxxxxxxxxxx
verify_ssl: false
- name: Use default config (~/.kube/config) file and active context, and return objects for a specific namespace
plugin: community.okd.openshift
connections:
- namespaces:
- testing
- name: Use a custom config file, and a specific context.
plugin: community.okd.openshift
connections:
- kubeconfig: /path/to/config
context: 'awx/192-168-64-4:8443/developer'
"""
try:
from ansible_collections.kubernetes.core.plugins.inventory.k8s import (
K8sInventoryException,
InventoryModule as K8sInventoryModule,
format_dynamic_api_exc,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client,
)
HAS_KUBERNETES_COLLECTION = True
except ImportError as e:
HAS_KUBERNETES_COLLECTION = False
try:
from kubernetes.dynamic.exceptions import DynamicApiError
except ImportError:
pass
class InventoryModule(K8sInventoryModule):
NAME = "community.okd.openshift"
connection_plugin = "community.okd.oc"
transport = "oc"
def check_kubernetes_collection(self):
if not HAS_KUBERNETES_COLLECTION:
raise K8sInventoryException(
"The kubernetes.core collection must be installed"
)
def fetch_objects(self, connections):
self.check_kubernetes_collection()
super(InventoryModule, self).fetch_objects(connections)
self.display.deprecated(
"The 'openshift' inventory plugin has been deprecated and will be removed in release 5.0.0",
version="5.0.0",
collection_name="community.okd",
)
if connections:
if not isinstance(connections, list):
raise K8sInventoryException("Expecting connections to be a list.")
for connection in connections:
client = get_api_client(**connection)
name = connection.get(
"name", self.get_default_host_name(client.configuration.host)
)
if connection.get("namespaces"):
namespaces = connection["namespaces"]
else:
namespaces = self.get_available_namespaces(client)
for namespace in namespaces:
self.get_routes_for_namespace(client, name, namespace)
else:
client = get_api_client()
name = self.get_default_host_name(client.configuration.host)
namespaces = self.get_available_namespaces(client)
for namespace in namespaces:
self.get_routes_for_namespace(client, name, namespace)
def get_routes_for_namespace(self, client, name, namespace):
self.check_kubernetes_collection()
v1_route = client.resources.get(
api_version="route.openshift.io/v1", kind="Route"
)
try:
obj = v1_route.get(namespace=namespace)
except DynamicApiError as exc:
self.display.debug(exc)
raise K8sInventoryException(
"Error fetching Routes list: %s" % format_dynamic_api_exc(exc)
)
namespace_group = "namespace_{0}".format(namespace)
namespace_routes_group = "{0}_routes".format(namespace_group)
self.inventory.add_group(name)
self.inventory.add_group(namespace_group)
self.inventory.add_child(name, namespace_group)
self.inventory.add_group(namespace_routes_group)
self.inventory.add_child(namespace_group, namespace_routes_group)
for route in obj.items:
route_name = route.metadata.name
route_annotations = (
{}
if not route.metadata.annotations
else dict(route.metadata.annotations)
)
self.inventory.add_host(route_name)
if route.metadata.labels:
# create a group for each label_value
for key, value in route.metadata.labels:
group_name = "label_{0}_{1}".format(key, value)
self.inventory.add_group(group_name)
self.inventory.add_child(group_name, route_name)
route_labels = dict(route.metadata.labels)
else:
route_labels = {}
self.inventory.add_child(namespace_routes_group, route_name)
# add hostvars
self.inventory.set_variable(route_name, "labels", route_labels)
self.inventory.set_variable(route_name, "annotations", route_annotations)
self.inventory.set_variable(
route_name, "cluster_name", route.metadata.clusterName
)
self.inventory.set_variable(route_name, "object_type", "route")
self.inventory.set_variable(
route_name, "self_link", route.metadata.selfLink
)
self.inventory.set_variable(
route_name, "resource_version", route.metadata.resourceVersion
)
self.inventory.set_variable(route_name, "uid", route.metadata.uid)
if route.spec.host:
self.inventory.set_variable(route_name, "host", route.spec.host)
if route.spec.path:
self.inventory.set_variable(route_name, "path", route.spec.path)
if hasattr(route.spec.port, "targetPort") and route.spec.port.targetPort:
self.inventory.set_variable(route_name, "port", dict(route.spec.port))