refactoring for ansible_module.turbo integration (#313)

* refactoring for ansible_module.turbo integration This refactoring prepares the integration of `ansible_module.turbo` - Delay the loading of `common.py`, move the shared structure in `args_common`. - Avoid the use of one single object per module, this to increase the amount of Python structure that we can cache. - Cache the Kubernetes client. See: https://github.com/ansible-collections/community.kubernetes/pull/270 Co-authored-by: Jill Rouleau <jill.rouleau@bespokess.com>
2026-03-26 21:33:02 +00:00 · 2021-03-16 17:16:18 -04:00
parent 2f6fae322c
commit 39660dd40e
14 changed files with 798 additions and 892 deletions
--- a/plugins/module_utils/common.py
+++ b/plugins/module_utils/common.py
@@ -26,6 +26,7 @@ import sys
 from datetime import datetime
 from distutils.version import LooseVersion

+from ansible_collections.community.kubernetes.plugins.module_utils.args_common import (AUTH_ARG_MAP, AUTH_ARG_SPEC)

 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.six import iteritems, string_types
@@ -99,201 +100,107 @@ except ImportError as e:
    K8S_IMP_ERR = traceback.format_exc()


-def list_dict_str(value):
-    if isinstance(value, (list, dict, string_types)):
-        return value
-    raise TypeError
+def configuration_digest(configuration):
+    import hashlib
+    m = hashlib.sha256()
+    for k in AUTH_ARG_MAP:
+        if not hasattr(configuration, k):
+            v = None
+        else:
+            v = getattr(configuration, k)
+        if v and k in ["ssl_ca_cert", "cert_file", "key_file"]:
+            with open(str(v), "r") as fd:
+                content = fd.read()
+                m.update(content.encode())
+        else:
+            m.update(str(v).encode())
+    digest = m.hexdigest()
+    return digest


-ARG_ATTRIBUTES_BLACKLIST = ('property_path',)
+def get_api_client(module=None):
+    auth = {}

-COMMON_ARG_SPEC = {
-    'state': {
-        'default': 'present',
-        'choices': ['present', 'absent'],
-    },
-    'force': {
-        'type': 'bool',
-        'default': False,
-    },
-}
+    def _raise_or_fail(exc, msg):
+        if module:
+            module.fail_json(msg % to_native(exc))
+        else:
+            raise exc

-RESOURCE_ARG_SPEC = {
-    'resource_definition': {
-        'type': list_dict_str,
-        'aliases': ['definition', 'inline']
-    },
-    'src': {
-        'type': 'path',
-    },
-}
+    # If authorization variables aren't defined, look for them in environment variables
+    for true_name, arg_name in AUTH_ARG_MAP.items():
+        if module and module.params.get(arg_name):
+            auth[true_name] = module.params.get(arg_name)
+        else:
+            env_value = os.getenv('K8S_AUTH_{0}'.format(arg_name.upper()), None) or os.getenv('K8S_AUTH_{0}'.format(true_name.upper()), None)
+            if env_value is not None:
+                if AUTH_ARG_SPEC[arg_name].get('type') == 'bool':
+                    env_value = env_value.lower() not in ['0', 'false', 'no']
+                auth[true_name] = env_value

-NAME_ARG_SPEC = {
-    'kind': {},
-    'name': {},
-    'namespace': {},
-    'api_version': {
-        'default': 'v1',
-        'aliases': ['api', 'version'],
-    },
-}
+    def auth_set(*names):
+        return all([auth.get(name) for name in names])

-AUTH_ARG_SPEC = {
-    'kubeconfig': {
-        'type': 'path',
-    },
-    'context': {},
-    'host': {},
-    'api_key': {
-        'no_log': True,
-    },
-    'username': {},
-    'password': {
-        'no_log': True,
-    },
-    'validate_certs': {
-        'type': 'bool',
-        'aliases': ['verify_ssl'],
-    },
-    'ca_cert': {
-        'type': 'path',
-        'aliases': ['ssl_ca_cert'],
-    },
-    'client_cert': {
-        'type': 'path',
-        'aliases': ['cert_file'],
-    },
-    'client_key': {
-        'type': 'path',
-        'aliases': ['key_file'],
-    },
-    'proxy': {
-        'type': 'str',
-    },
-    'persist_config': {
-        'type': 'bool',
-    },
-}
+    if auth_set('username', 'password', 'host') or auth_set('api_key', 'host'):
+        # We have enough in the parameters to authenticate, no need to load incluster or kubeconfig
+        pass
+    elif auth_set('kubeconfig') or auth_set('context'):
+        try:
+            kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context'), persist_config=auth.get('persist_config'))
+        except Exception as err:
+            _raise_or_fail(err, 'Failed to load kubeconfig due to %s')

-WAIT_ARG_SPEC = dict(
-    wait=dict(type='bool', default=False),
-    wait_sleep=dict(type='int', default=5),
-    wait_timeout=dict(type='int', default=120),
-    wait_condition=dict(
-        type='dict',
-        default=None,
-        options=dict(
-            type=dict(),
-            status=dict(type='str', default="True", choices=["True", "False", "Unknown"]),
-            reason=dict()
-        )
-    )
-)
+    else:
+        # First try to do incluster config, then kubeconfig
+        try:
+            kubernetes.config.load_incluster_config()
+        except kubernetes.config.ConfigException:
+            try:
+                kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context'), persist_config=auth.get('persist_config'))
+            except Exception as err:
+                _raise_or_fail(err, 'Failed to load kubeconfig due to %s')

-DELETE_OPTS_ARG_SPEC = {
-    'propagationPolicy': {
-        'choices': ['Foreground', 'Background', 'Orphan'],
-    },
-    'gracePeriodSeconds': {
-        'type': 'int',
-    },
-    'preconditions': {
-        'type': 'dict',
-        'options': {
-            'resourceVersion': {
-                'type': 'str',
-            },
-            'uid': {
-                'type': 'str',
-            }
-        }
-    }
-}
+    # Override any values in the default configuration with Ansible parameters
+    # As of kubernetes-client v12.0.0, get_default_copy() is required here
+    try:
+        configuration = kubernetes.client.Configuration().get_default_copy()
+    except AttributeError:
+        configuration = kubernetes.client.Configuration()
+
+    for key, value in iteritems(auth):
+        if key in AUTH_ARG_MAP.keys() and value is not None:
+            if key == 'api_key':
+                setattr(configuration, key, {'authorization': "Bearer {0}".format(value)})
+            else:
+                setattr(configuration, key, value)
+
+    digest = configuration_digest(configuration)
+    if digest in get_api_client._pool:
+        client = get_api_client._pool[digest]
+        return client
+
+    try:
+        client = DynamicClient(kubernetes.client.ApiClient(configuration))
+    except Exception as err:
+        _raise_or_fail(err, 'Failed to get client due to %s')
+
+    get_api_client._pool[digest] = client
+    return client


-# Map kubernetes-client parameters to ansible parameters
-AUTH_ARG_MAP = {
-    'kubeconfig': 'kubeconfig',
-    'context': 'context',
-    'host': 'host',
-    'api_key': 'api_key',
-    'username': 'username',
-    'password': 'password',
-    'verify_ssl': 'validate_certs',
-    'ssl_ca_cert': 'ca_cert',
-    'cert_file': 'client_cert',
-    'key_file': 'client_key',
-    'proxy': 'proxy',
-    'persist_config': 'persist_config',
-}
+get_api_client._pool = {}


 class K8sAnsibleMixin(object):

-    def __init__(self, *args, **kwargs):
+    def __init__(self, module, *args, **kwargs):
        if not HAS_K8S_MODULE_HELPER:
-            self.fail_json(msg=missing_required_lib('openshift'), exception=K8S_IMP_ERR,
-                           error=to_native(k8s_import_exception))
+            module.fail_json(msg=missing_required_lib('openshift'), exception=K8S_IMP_ERR,
+                             error=to_native(k8s_import_exception))
        self.openshift_version = openshift.__version__

        if not HAS_YAML:
-            self.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR)
-
-    def get_api_client(self, **auth_params):
-        auth_params = auth_params or getattr(self, 'params', {})
-        auth = {}
-
-        # If authorization variables aren't defined, look for them in environment variables
-        for true_name, arg_name in AUTH_ARG_MAP.items():
-            if auth_params.get(arg_name) is None:
-                env_value = os.getenv('K8S_AUTH_{0}'.format(arg_name.upper()), None) or os.getenv('K8S_AUTH_{0}'.format(true_name.upper()), None)
-                if env_value is not None:
-                    if AUTH_ARG_SPEC[arg_name].get('type') == 'bool':
-                        env_value = env_value.lower() not in ['0', 'false', 'no']
-                    auth[true_name] = env_value
-            else:
-                auth[true_name] = auth_params[arg_name]
-
-        def auth_set(*names):
-            return all([auth.get(name) for name in names])
-
-        if auth_set('username', 'password', 'host') or auth_set('api_key', 'host'):
-            # We have enough in the parameters to authenticate, no need to load incluster or kubeconfig
-            pass
-        elif auth_set('kubeconfig') or auth_set('context'):
-            try:
-                kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context'), persist_config=auth.get('persist_config'))
-            except Exception as err:
-                self.fail(msg='Failed to load kubeconfig due to %s' % to_native(err))
-        else:
-            # First try to do incluster config, then kubeconfig
-            try:
-                kubernetes.config.load_incluster_config()
-            except kubernetes.config.ConfigException:
-                try:
-                    kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context'), persist_config=auth.get('persist_config'))
-                except Exception as err:
-                    self.fail(msg='Failed to load kubeconfig due to %s' % to_native(err))
-
-        # Override any values in the default configuration with Ansible parameters
-        # As of kubernetes-client v12.0.0, get_default_copy() is required here
-        try:
-            configuration = kubernetes.client.Configuration().get_default_copy()
-        except AttributeError:
-            configuration = kubernetes.client.Configuration()
-
-        for key, value in iteritems(auth):
-            if key in AUTH_ARG_MAP.keys() and value is not None:
-                if key == 'api_key':
-                    setattr(configuration, key, {'authorization': "Bearer {0}".format(value)})
-                else:
-                    setattr(configuration, key, value)
-
-        kubernetes.client.Configuration.set_default(configuration)
-        try:
-            return DynamicClient(kubernetes.client.ApiClient(configuration))
-        except Exception as err:
-            self.fail(msg='Failed to get client due to %s' % to_native(err))
+            module.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR)

    def find_resource(self, kind, api_version, fail=False):
        for attribute in ['kind', 'name', 'singular_name']:
@@ -513,8 +420,8 @@ class K8sAnsibleMixin(object):
            predicate = _resource_absent
        return self._wait_for(resource, definition['metadata']['name'], definition['metadata'].get('namespace'), predicate, sleep, timeout, state)

-    def set_resource_definitions(self):
-        resource_definition = self.params.get('resource_definition')
+    def set_resource_definitions(self, module):
+        resource_definition = module.params.get('resource_definition')

        self.resource_definitions = []

@@ -529,7 +436,7 @@ class K8sAnsibleMixin(object):
            else:
                self.resource_definitions = [resource_definition]

-        src = self.params.get('src')
+        src = module.params.get('src')
        if src:
            self.resource_definitions = self.load_resource_definitions(src)
        try:
@@ -539,12 +446,12 @@ class K8sAnsibleMixin(object):

        if not resource_definition and not src:
            implicit_definition = dict(
-                kind=self.kind,
-                apiVersion=self.api_version,
-                metadata=dict(name=self.name)
+                kind=module.params['kind'],
+                apiVersion=module.params['api_version'],
+                metadata=dict(name=module.params['name'])
            )
-            if self.namespace:
-                implicit_definition['metadata']['namespace'] = self.namespace
+            if module.params.get('namespace'):
+                implicit_definition['metadata']['namespace'] = module.params.get('namespace')
            self.resource_definitions = [implicit_definition]

    def check_library_version(self):
@@ -577,7 +484,7 @@ class K8sAnsibleMixin(object):
        changed = False
        results = []
        try:
-            self.client = self.get_api_client()
+            self.client = get_api_client()
        # Hopefully the kubernetes client will provide its own exception class one day
        except (urllib3.exceptions.RequestError) as e:
            self.fail_json(msg="Couldn't connect to Kubernetes: %s" % str(e))