internet/kubernetes.core
3
0
Fork 0
mirror of https://github.com/ansible-collections/kubernetes.core.git synced 2026-03-27 05:43:02 +00:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/main' into merge-upstream

Browse Source
This commit is contained in:
Shaun Smiley
2020-09-18 13:22:53 -07:00
parent 8d2a7e0d8d 51cadb7150
commit 46fdbe0eff
123 changed files with 3666 additions and 988 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
.github/stale.yml vendored Normal file
View File

@@ -0,0 +1,60 @@
---
# Configuration for probot-stale - https://github.com/probot/stale
# Number of days of inactivity before an Issue or Pull Request becomes stale
daysUntilStale: 90
# Number of days of inactivity before an Issue or Pull Request with the stale
# label is closed. Set to false to disable. If disabled, issues still need to be
# closed manually, but will remain marked as stale.
daysUntilClose: 30
# Only issues or pull requests with all of these labels are check if stale.
# Defaults to `[]` (disabled)
onlyLabels: []
# Issues or Pull Requests with these labels will never be considered stale. Set
# to `[]` to disable
exemptLabels:
- security
- planned
- priority/critical
- lifecycle/frozen
- verified
# Set to true to ignore issues in a project (defaults to false)
exemptProjects: false
# Set to true to ignore issues in a milestone (defaults to false)
exemptMilestones: true
# Set to true to ignore issues with an assignee (defaults to false)
exemptAssignees: false
# Label to use when marking as stale
staleLabel: lifecycle/stale
# Limit the number of actions per hour, from 1-30. Default is 30
limitPerRun: 30
pulls:
markComment: |-
PRs go stale after 90 days of inactivity.
If there is no further activity, the PR will be closed in another 30 days.
unmarkComment: >-
This pull request is no longer stale.
closeComment: >-
This pull request has been closed due to inactivity.
issues:
markComment: |-
Issues go stale after 90 days of inactivity.
If there is no further activity, the issue will be closed in another 30 days.
unmarkComment: >-
This issue is no longer stale.
closeComment: >-
This issue has been closed due to inactivity.

104
.github/workflows/ci.yml vendored
View File

@@ -3,7 +3,7 @@ name: CI
'on':
push:
branches:
- master
- main
pull_request:
schedule:
- cron: '0 6 * * *'
@@ -30,7 +30,7 @@ jobs:
run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
- name: Run sanity tests on Python ${{ matrix.python_version }}
run: ansible-test sanity --docker -v --color --python ${{ matrix.python_version }}
run: make test-sanity PYTHON_VERSION=${{ matrix.python_version }}
working-directory: ./ansible_collections/community/kubernetes
integration:
@@ -53,7 +53,7 @@ jobs:
run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
- name: Run integration tests on Python ${{ matrix.python_version }}
run: ansible-test integration --docker -v --color --retry-on-error --python ${{ matrix.python_version }} --continue-on-error --diff --coverage
run: make test-integration PYTHON_VERSION=${{ matrix.python_version }}
working-directory: ./ansible_collections/community/kubernetes
- name: Generate coverage report.
@@ -76,7 +76,7 @@ jobs:
path: ansible_collections/community/kubernetes
- name: Set up KinD cluster
uses: engineerd/setup-kind@v0.3.0
uses: engineerd/setup-kind@v0.4.0
- name: Set up Python ${{ matrix.python_version }}
uses: actions/setup-python@v1
@@ -84,10 +84,21 @@ jobs:
python-version: ${{ matrix.python_version }}
- name: Install molecule and openshift dependencies
run: pip install molecule yamllint openshift
run: pip install ansible molecule yamllint openshift flake8
- name: Install ansible base (devel branch)
run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
# The latest release doesn't work with Molecule currently.
# See: https://github.com/ansible-community/molecule/issues/2757
# - name: Install ansible base, latest release.
# run: |
# pip uninstall -y ansible
# pip install --pre ansible-base
# The devel branch doesn't work with Molecule currently.
# See: https://github.com/ansible-community/molecule/issues/2757
# - name: Install ansible base (devel branch)
# run: |
# pip uninstall -y ansible
# pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
- name: Create default collection path symlink
run: |
@@ -95,5 +106,82 @@ jobs:
ln -s /home/runner/work/kubernetes/kubernetes /home/runner/.ansible/collections
- name: Run molecule default test scenario
run: molecule test
run: make test-molecule
working-directory: ./ansible_collections/community/kubernetes
downstream-sanity-29:
runs-on: ubuntu-latest
strategy:
matrix:
python_version: ['3.6']
steps:
- name: Check out code
uses: actions/checkout@v2
with:
path: ansible_collections/community/kubernetes
- name: Set up Python ${{ matrix.python_version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python_version }}
- name: Install ansible base (devel branch)
run: pip install "ansible>=2.9.0,<2.10.0"
- name: Run sanity tests on Python ${{ matrix.python_version }}
run: make downstream-test-sanity
working-directory: ./ansible_collections/community/kubernetes
downstream-integration-29:
runs-on: ubuntu-latest
strategy:
matrix:
python_version: ['3.6']
steps:
- name: Check out code
uses: actions/checkout@v2
with:
path: ansible_collections/community/kubernetes
- name: Set up Python ${{ matrix.python_version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python_version }}
- name: Install ansible base (devel branch)
run: pip install "ansible>=2.9.0,<2.10.0"
- name: Run integration tests on Python ${{ matrix.python_version }}
run: make downstream-test-integration
working-directory: ./ansible_collections/community/kubernetes
downstream-molecule-29:
runs-on: ubuntu-latest
strategy:
matrix:
python_version: ['3.7']
steps:
- name: Check out code
uses: actions/checkout@v2
with:
path: ansible_collections/community/kubernetes
- name: Set up KinD cluster
uses: engineerd/setup-kind@v0.4.0
- name: Set up Python ${{ matrix.python_version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python_version }}
- name: Install molecule and openshift dependencies
run: pip install "ansible>=2.9.0,<2.10.0" molecule yamllint openshift flake8
- name: Create default collection path symlink
run: |
mkdir -p /home/runner/.ansible
ln -s /home/runner/work/kubernetes/kubernetes /home/runner/.ansible/collections
- name: Run molecule default test scenario
run: make downstream-test-molecule
working-directory: ./ansible_collections/community/kubernetes

3
.gitignore vendored
View File

@@ -6,6 +6,9 @@ __pycache__/
# Galaxy artifacts.
*.tar.gz
# Changelog cache files.
changelogs/.plugin-cache.yaml
# Temporary test files.
tests/output
tests/integration/cloud-config-*

4
.yamllint
View File

@@ -8,5 +8,9 @@ rules:
brackets:
max-spaces-inside: 1
level: error
document-start: disable
line-length: disable
truthy: disable
indentation:
spaces: 2
indent-sequences: consistent

54
CHANGELOG.md
View File

@@ -1,54 +0,0 @@
# Kubernetes Collection Changes
## 0.11.0
### New Features
- PR #61: Add `helm`, `helm_info`, and `helm_repository` modules.
- PR #81: Rename repository to `community.kubernetes`.
### Bug Fixes
- PR #78: Update GitHub Actions workflow for better CI stability.
- PR #69: k8s_log no longer attempts to parse log as JSON.
- PR #85: Make sure extra files are not included in built collection.
## 0.10.0
### New Features
- PR #14: Add `k8s_exec` module for executing commands on pods via Kubernetes API.
- PR #16: Add `k8s_log` module for retrieving pod logs.
- Issue #49, PR #55: Add `persist_config` option for persisting refreshed tokens.
### Security Fixes
- PR #51: Warn about disclosure when using options like `kubectl_password`, `kubectl_extra_args`, and `kubectl_token` to pass data through to the command line using the `kubectl` connection plugin.
### Bug Fixes
- Issue #13: Fix argspec for 'elements'.
- Issue #33, PR #34: Fix argspec in `k8s_service`.
- Issue #10, PR #22: Test collection in a Kind cluster in CI using Molecule.
- PR #52: Documentation fix in `kubectl.py`.
- PR #54: Add exception handling when retrieving k8s client.
- PR #56: Use from_yaml filter with lookup examples in `k8s` module documentation examples.
## 0.9.0
- Initial migration of Kubernetes content from Ansible core (2.9 / devel), including content:
- **Connection Plugins**:
- `kubectl`
- **Filter Plugins**:
- `k8s_config_resource_name`
- **Inventory Source**:
- `k8s`
- `openshift`
- **Lookup Plugins**:
- `k8s`
- **Modules**:
- `k8s`
- `k8s_auth`
- `k8s_info`
- `k8s_scale`
- `k8s_service`

167
CHANGELOG.rst Normal file
View File

@@ -0,0 +1,167 @@
===================================
Kubernetes Collection Release Notes
===================================
.. contents:: Topics
v1.0.0
======
Major Changes
-------------
- helm_plugin - new module to manage Helm plugins (https://github.com/ansible-collections/community.kubernetes/pull/154).
- helm_plugin_info - new modules to gather information about Helm plugins (https://github.com/ansible-collections/community.kubernetes/pull/154).
- k8s_exec - Return rc for the command executed (https://github.com/ansible-collections/community.kubernetes/pull/158).
Minor Changes
-------------
- Ensure check mode results are as expected (https://github.com/ansible-collections/community.kubernetes/pull/155).
- Update base branch to 'main' (https://github.com/ansible-collections/community.kubernetes/issues/148).
- helm - Add support for K8S_AUTH_CONTEXT, K8S_AUTH_KUBECONFIG env (https://github.com/ansible-collections/community.kubernetes/pull/141).
- helm - Allow creating namespaces with Helm (https://github.com/ansible-collections/community.kubernetes/pull/157).
- helm - add aliases context for kube_context (https://github.com/ansible-collections/community.kubernetes/pull/152).
- helm - add support for K8S_AUTH_KUBECONFIG and K8S_AUTH_CONTEXT environment variable (https://github.com/ansible-collections/community.kubernetes/issues/140).
- helm_info - add aliases context for kube_context (https://github.com/ansible-collections/community.kubernetes/pull/152).
- helm_info - add support for K8S_AUTH_KUBECONFIG and K8S_AUTH_CONTEXT environment variable (https://github.com/ansible-collections/community.kubernetes/issues/140).
- k8s_exec - return RC for the command executed (https://github.com/ansible-collections/community.kubernetes/issues/122).
- k8s_info - Update example using vars (https://github.com/ansible-collections/community.kubernetes/pull/156).
Security Fixes
--------------
- kubectl - connection plugin now redact kubectl_token and kubectl_password in console log (https://github.com/ansible-collections/community.kubernetes/issues/65).
- kubectl - redacted token and password from console log (https://github.com/ansible-collections/community.kubernetes/pull/159).
Bugfixes
--------
- Test against stable ansible branch so molecule tests work (https://github.com/ansible-collections/community.kubernetes/pull/168).
- Update openshift requirements in k8s module doc (https://github.com/ansible-collections/community.kubernetes/pull/153).
New Modules
-----------
- helm_plugin - Manage Helm plugins
- helm_plugin_info - Gather information about Helm plugins
v0.11.1
=======
Major Changes
-------------
- Add changelog and fragments and document changelog process (https://github.com/ansible-collections/community.kubernetes/pull/131).
Minor Changes
-------------
- Add action groups for playbooks with module_defaults (https://github.com/ansible-collections/community.kubernetes/pull/107).
- Add requires_ansible version constraints to runtime.yml (https://github.com/ansible-collections/community.kubernetes/pull/126).
- Add sanity test ignore file for Ansible 2.11 (https://github.com/ansible-collections/community.kubernetes/pull/130).
- Add test for openshift apply bug (https://github.com/ansible-collections/community.kubernetes/pull/94).
- Add version_added to each new collection module (https://github.com/ansible-collections/community.kubernetes/pull/98).
- Check Python code using flake8 (https://github.com/ansible-collections/community.kubernetes/pull/123).
- Don't require project coverage check on PRs (https://github.com/ansible-collections/community.kubernetes/pull/102).
- Improve k8s Deployment and Daemonset wait conditions (https://github.com/ansible-collections/community.kubernetes/pull/35).
- Minor documentation fixes and use of FQCN in some examples (https://github.com/ansible-collections/community.kubernetes/pull/114).
- Remove action_groups_redirection entry from meta/runtime.yml (https://github.com/ansible-collections/community.kubernetes/pull/127).
- Remove deprecated ANSIBLE_METADATA field (https://github.com/ansible-collections/community.kubernetes/pull/95).
- Use FQCN in module docs and plugin examples (https://github.com/ansible-collections/community.kubernetes/pull/146).
- Use improved kubernetes diffs where possible (https://github.com/ansible-collections/community.kubernetes/pull/105).
- helm - add 'atomic' option (https://github.com/ansible-collections/community.kubernetes/pull/115).
- helm - minor code refactoring (https://github.com/ansible-collections/community.kubernetes/pull/110).
- helm_info and helm_repository - minor code refactor (https://github.com/ansible-collections/community.kubernetes/pull/117).
- k8s - Handle set object retrieved from lookup plugin (https://github.com/ansible-collections/community.kubernetes/pull/118).
Bugfixes
--------
- Fix suboption docs structure for inventory plugins (https://github.com/ansible-collections/community.kubernetes/pull/103).
- Handle invalid kubeconfig parsing error (https://github.com/ansible-collections/community.kubernetes/pull/119).
- Make sure Service changes run correctly in check_mode (https://github.com/ansible-collections/community.kubernetes/pull/84).
- k8s_info - remove unneccessary k8s_facts deprecation notice (https://github.com/ansible-collections/community.kubernetes/pull/97).
- k8s_scale - Fix scale wait and add tests (https://github.com/ansible-collections/community.kubernetes/pull/100).
- raw - handle condition when definition is none (https://github.com/ansible-collections/community.kubernetes/pull/139).
v0.11.0
=======
Major Changes
-------------
- helm - New module for managing Helm charts (https://github.com/ansible-collections/community.kubernetes/pull/61).
- helm_info - New module for retrieving Helm chart information (https://github.com/ansible-collections/community.kubernetes/pull/61).
- helm_repository - New module for managing Helm repositories (https://github.com/ansible-collections/community.kubernetes/pull/61).
Minor Changes
-------------
- Rename repository to ``community.kubernetes`` (https://github.com/ansible-collections/community.kubernetes/pull/81).
Bugfixes
--------
- Make sure extra files are not included in built collection (https://github.com/ansible-collections/community.kubernetes/pull/85).
- Update GitHub Actions workflow for better CI stability (https://github.com/ansible-collections/community.kubernetes/pull/78).
- k8s_log - Module no longer attempts to parse log as JSON (https://github.com/ansible-collections/community.kubernetes/pull/69).
New Modules
-----------
- helm - Manages Kubernetes packages with the Helm package manager
- helm_info - Get information from Helm package deployed inside the cluster
- helm_repository - Add and remove Helm repository
v0.10.0
=======
Major Changes
-------------
- k8s_exec - New module for executing commands on pods via Kubernetes API (https://github.com/ansible-collections/community.kubernetes/pull/14).
- k8s_log - New module for retrieving pod logs (https://github.com/ansible-collections/community.kubernetes/pull/16).
Minor Changes
-------------
- k8s - Added ``persist_config`` option for persisting refreshed tokens (https://github.com/ansible-collections/community.kubernetes/issues/49).
Security Fixes
--------------
- kubectl - Warn about information disclosure when using options like ``kubectl_password``, ``kubectl_extra_args``, and ``kubectl_token`` to pass data through to the command line using the ``kubectl`` connection plugin (https://github.com/ansible-collections/community.kubernetes/pull/51).
Bugfixes
--------
- k8s - Add exception handling when retrieving k8s client (https://github.com/ansible-collections/community.kubernetes/pull/54).
- k8s - Fix argspec for 'elements' (https://github.com/ansible-collections/community.kubernetes/issues/13).
- k8s - Use ``from_yaml`` filter with lookup examples in ``k8s`` module documentation examples (https://github.com/ansible-collections/community.kubernetes/pull/56).
- k8s_service - Fix argspec (https://github.com/ansible-collections/community.kubernetes/issues/33).
- kubectl - Fix documentation in kubectl connection plugin (https://github.com/ansible-collections/community.kubernetes/pull/52).
New Modules
-----------
- k8s_exec - Execute command in Pod
- k8s_log - Fetch logs from Kubernetes resources
v0.9.0
======
Major Changes
-------------
- k8s - Inventory source migrated from Ansible 2.9 to Kubernetes collection.
- k8s - Lookup plugin migrated from Ansible 2.9 to Kubernetes collection.
- k8s - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_auth - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_config_resource_name - Filter plugin migrated from Ansible 2.9 to Kubernetes collection.
- k8s_info - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_scale - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_service - Module migrated from Ansible 2.9 to Kubernetes collection.
- kubectl - Connection plugin migrated from Ansible 2.9 to Kubernetes collection.
- openshift - Inventory source migrated from Ansible 2.9 to Kubernetes collection.

65
CONTRIBUTING.md Normal file
View File

@@ -0,0 +1,65 @@
# Contributing
## Getting Started
General information about setting up your Python environment, testing modules,
Ansible coding styles, and more can be found in the [Ansible Community Guide](
https://docs.ansible.com/ansible/latest/community/index.html).
## Kubernetes Collections
### community.kubernetes
This collection contains modules and plugins contributed and maintained by the Ansible Kubernetes
community.
New modules and plugins developed by the community should be proposed to `community.kubernetes`.
## Submitting Issues
All software has bugs, and the `community.kubernetes` collection is no exception. When you find a bug,
you can help tremendously by [telling us about it](https://github.com/ansible-collections/community.kubernetes/issues/new/choose).
If you should discover that the bug you're trying to file already exists in an issue,
you can help by verifying the behavior of the reported bug with a comment in that
issue, or by reporting any additional information.
## Pull Requests
All modules MUST have integration tests for new features.
Bug fixes for modules that currently have integration tests SHOULD have tests added.
New modules should be submitted to the [community.kubernetes](https://github.com/ansible-collections/community.kubernetes) collection and MUST have integration tests.
Expected test criteria:
* Resource creation under check mode
* Resource creation
* Resource creation again (idempotency) under check mode
* Resource creation again (idempotency)
* Resource modification under check mode
* Resource modification
* Resource modification again (idempotency) under check mode
* Resource modification again (idempotency)
* Resource deletion under check mode
* Resource deletion
* Resource deletion (of a non-existent resource) under check mode
* Resource deletion (of a non-existent resource)
Where modules have multiple parameters we recommend running through the 4-step modification cycle for each parameter the module accepts, as well as a modification cycle where as most, if not all, parameters are modified at the same time.
For general information on running the integration tests see the
[Integration Tests page of the Module Development Guide](https://docs.ansible.com/ansible/devel/dev_guide/testing_integration.html#testing-integration),
especially the section on configuration for cloud tests. For questions about writing tests the Ansible Kubernetes community can be found on Freenode IRC as detailed below.
### Code of Conduct
The `community.kubernetes` collection follows the Ansible project's
[Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html).
Please read and familiarize yourself with this document.
### IRC
Our IRC channels may require you to register your nickname. If you receive an error when you connect, see
[Freenode's Nickname Registration guide](https://freenode.net/kb/answer/registration) for instructions.
The `#ansible-kubernetes` channel on Freenode IRC is the main and official place to discuss use and development of the `community.kubernetes` collection.
For more information about Ansible's Kubernetes integration, browse the resources in the [Kubernetes Working Group](https://github.com/ansible/community/wiki/Kubernetes) Community wiki page.

43
Makefile Normal file
View File

@@ -0,0 +1,43 @@
# Also needs to be updated in galaxy.yml
VERSION = 1.0.0
TEST_ARGS ?= ""
PYTHON_VERSION ?= `python -c 'import platform; print("{0}.{1}".format(platform.python_version_tuple()[0], platform.python_version_tuple()[1]))'`
clean:
rm -f community-kubernetes-${VERSION}.tar.gz
rm -rf ansible_collections
rm -rf tests/output
build: clean
ansible-galaxy collection build
release: build
ansible-galaxy collection publish community-kubernetes-${VERSION}.tar.gz
install: build
ansible-galaxy collection install -p ansible_collections community-kubernetes-${VERSION}.tar.gz
test-sanity:
ansible-test sanity --docker -v --color --python $(PYTHON_VERSION) $(?TEST_ARGS)
test-integration:
ansible-test integration --docker -v --color --retry-on-error --python $(PYTHON_VERSION) --continue-on-error --diff --coverage $(?TEST_ARGS)
test-molecule:
molecule test
downstream-test-sanity:
./utils/downstream.sh -s
downstream-test-integration:
./utils/downstream.sh -i
downstream-test-molecule:
./utils/downstream.sh -m
downstream-build:
./utils/downstream.sh -b
downstream-release:
./utils/downstream.sh -r

136
README.md
View File

@@ -11,31 +11,33 @@ The collection includes a variety of Ansible content to help automate the manage
Click on the name of a plugin or module to view that content's documentation:
- **Connection Plugins**:
- [kubectl](https://docs.ansible.com/ansible/latest/plugins/connection/kubectl.html)
- [kubectl](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/kubectl_connection.html)
- **Filter Plugins**:
- [k8s_config_resource_name](https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#kubernetes-filters)
- **Inventory Source**:
- [k8s](https://docs.ansible.com/ansible/latest/plugins/inventory/k8s.html)
- [openshift](https://docs.ansible.com/ansible/latest/plugins/inventory/openshift.html)
- [k8s](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_inventory.html)
- [openshift](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/openshift_inventory.html)
- **Lookup Plugins**:
- [k8s](https://docs.ansible.com/ansible/latest/plugins/lookup/k8s.html)
- [k8s](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_lookup.html)
- **Modules**:
- [k8s](https://docs.ansible.com/ansible/latest/modules/k8s_module.html)
- [k8s_auth](https://docs.ansible.com/ansible/latest/modules/k8s_auth_module.html)
- [k8s_exec](https://github.com/ansible-collections/community.kubernetes/blob/master/plugins/modules/k8s_exec.py)
- [k8s_log](https://github.com/ansible-collections/community.kubernetes/blob/master/plugins/modules/k8s_log.py)
- [k8s_info](https://docs.ansible.com/ansible/latest/modules/k8s_info_module.html)
- [k8s_scale](https://docs.ansible.com/ansible/latest/modules/k8s_scale_module.html)
- [k8s_service](https://docs.ansible.com/ansible/latest/modules/k8s_service_module.html)
- [helm](https://github.com/ansible-collections/community.kubernetes/blob/master/plugins/modules/helm.py)
- [helm_info](https://github.com/ansible-collections/community.kubernetes/blob/master/plugins/modules/helm_info.py)
- [helm_repository](https://github.com/ansible-collections/community.kubernetes/blob/master/plugins/modules/helm_repository.py)
- [k8s](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_module.html)
- [k8s_auth](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_auth_module.html)
- [k8s_exec](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_exec_module.html)
- [k8s_info](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_info_module.html)
- [k8s_log](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_log_module.html)
- [k8s_scale](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_scale_module.html)
- [k8s_service](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/k8s_service_module.html)
- [helm](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/helm_module.html)
- [helm_info](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/helm_info_module.html)
- [helm_plugin](https://github.com/ansible-collections/community.kubernetes/blob/main/plugins/modules/helm_plugin.py)
- [helm_plugin_info](https://github.com/ansible-collections/community.kubernetes/blob/main/plugins/modules/helm_plugin_info.py)
- [helm_repository](https://docs.ansible.com/ansible/2.10/collections/community/kubernetes/helm_repository_module.html)
## Installation and Usage
### Installing the Collection from Ansible Galaxy
Before using the Kuberentes collection, you need to install it with the Ansible Galaxy CLI:
Before using the Kubernetes collection, you need to install it with the Ansible Galaxy CLI:
ansible-galaxy collection install community.kubernetes
@@ -45,7 +47,7 @@ You can also include it in a `requirements.yml` file and install it via `ansible
---
collections:
- name: community.kubernetes
version: 0.11.0
version: 1.0.0
```
### Installing the OpenShift Python Library
@@ -56,7 +58,51 @@ Content in this collection requires the [OpenShift Python client](https://pypi.o
### Using modules from the Kubernetes Collection in your playbooks
You can either call modules by their Fully Qualified Collection Namespace (FQCN), like `community.kubernetes.k8s_info`, or you can call modules by their short name if you list the `community.kubernetes` collection in the playbook's `collections`, like so:
It's preferable to use content in this collection using their Fully Qualified Collection Namespace (FQCN), for example `community.kubernetes.k8s_info`:
```yaml
---
- hosts: localhost
gather_facts: false
connection: local
tasks:
- name: Ensure the myapp Namespace exists.
community.kubernetes.k8s:
api_version: v1
kind: Namespace
name: myapp
state: present
- name: Ensure the myapp Service exists in the myapp Namespace.
community.kubernetes.k8s:
state: present
definition:
apiVersion: v1
kind: Service
metadata:
name: myapp
namespace: myapp
spec:
type: LoadBalancer
ports:
- port: 8080
targetPort: 8080
selector:
app: myapp
- name: Get a list of all Services in the myapp namespace.
community.kubernetes.k8s_info:
kind: Service
namespace: myapp
register: myapp_services
- name: Display number of Services in the myapp namespace.
debug:
var: myapp_services.resources | count
```
If upgrading older playbooks which were built prior to Ansible 2.10 and this collection's existence, you can also define `collections` in your play and refer to this collection's modules as you did in Ansible 2.9 and below, as in this example:
```yaml
---
@@ -74,34 +120,6 @@ You can either call modules by their Fully Qualified Collection Namespace (FQCN)
kind: Namespace
name: myapp
state: present
- name: Ensure the myapp Service exists in the myapp Namespace.
k8s:
state: present
definition:
apiVersion: v1
kind: Service
metadata:
name: myapp
namespace: myapp
spec:
type: LoadBalancer
ports:
- port: 8080
targetPort: 8080
selector:
app: myapp
- name: Get a list of all Services in the myapp namespace.
k8s_info:
kind: Service
namespace: myapp
register: myapp_services
- name: Display number of Services in the myapp namespace.
debug:
var: myapp_services.resources | count
```
For documentation on how to use individual modules and other content included in this collection, please see the links in the 'Included content' section earlier in this README.
@@ -110,43 +128,41 @@ For documentation on how to use individual modules and other content included in
If you want to develop new content for this collection or improve what's already here, the easiest way to work on the collection is to clone it into one of the configured [`COLLECTIONS_PATHS`](https://docs.ansible.com/ansible/latest/reference_appendices/config.html#collections-paths), and work on it there.
See [Contributing to community.kubernetes](CONTRIBUTING.md).
### Testing with `ansible-test`
The `tests` directory contains configuration for running sanity and integration tests using [`ansible-test`](https://docs.ansible.com/ansible/latest/dev_guide/testing_integration.html).
You can run the collection's test suites with the commands:
ansible-test sanity --docker -v --color
ansible-test integration --docker -v --color
make test-sanity
make test-integration
### Testing with `molecule`
There are also integration tests in the `molecule` directory which are meant to be run against a local Kubernetes cluster, e.g. using [KinD](https://kind.sigs.k8s.io) or [Minikube](https://minikube.sigs.k8s.io). To run the tests, set up a local cluster, then run Molecule:
There are also integration tests in the `molecule` directory which are meant to be run against a local Kubernetes cluster, e.g. using [KinD](https://kind.sigs.k8s.io) or [Minikube](https://minikube.sigs.k8s.io). To setup a local cluster using KinD and run Molecule:
kind create cluster
molecule test
make test-molecule
## Publishing New Versions
The current process for publishing new versions of the Kubernetes Collection is manual, and requires a user who has access to the `community.kubernetes` namespace on Ansible Galaxy to publish the build artifact. See [Issue #43](https://github.com/ansible-collections/community.kubernetes/issues/43) for progress in automating this process.
Releases are automatically built and pushed to Ansible Galaxy for any new tag. Before tagging a release, make sure to do the following:
1. Ensure you're running Ansible from devel, so the [`build_ignore` key](https://github.com/ansible/ansible/issues/67130) in `galaxy.yml` is used.
1. Run `git clean -x -d -f` in this repository's directory to clean out any extra files which should not be included.
1. Ensure `CHANGELOG.md` contains all the latest changes.
1. Update `galaxy.yml` and this README's `requirements.yml` example with the new `version` for the collection.
1. Update the CHANGELOG:
1. Make sure you have [`antsibull-changelog`](https://pypi.org/project/antsibull-changelog/) installed.
1. Make sure there are fragments for all known changes in `changelogs/fragments`.
1. Run `antsibull-changelog release`.
1. Commit the changes and create a PR with the changes. Wait for tests to pass, then merge it once they have.
1. Tag the version in Git and push to GitHub.
1. Run the following commands to build and release the new version on Galaxy:
```
ansible-galaxy collection build
ansible-galaxy collection publish ./community-kubernetes-$VERSION_HERE.tar.gz
```
After the version is published, verify it exists on the [Kubernetes Collection Galaxy page](https://galaxy.ansible.com/community/kubernetes).
## More Information
For more information about Ansible's Kubernetes integration, join the `#ansible-community` channel on Freenode IRC, and browse the resources in the [Kubernetes Working Group](https://github.com/ansible/community/wiki/Kubernetes) Community wiki page.
For more information about Ansible's Kubernetes integration, join the `#ansible-kubernetes` channel on Freenode IRC, and browse the resources in the [Kubernetes Working Group](https://github.com/ansible/community/wiki/Kubernetes) Community wiki page.
## License

188
changelogs/changelog.yaml Normal file
View File

@@ -0,0 +1,188 @@
ancestor: null
releases:
0.10.0:
changes:
bugfixes:
- k8s - Add exception handling when retrieving k8s client (https://github.com/ansible-collections/community.kubernetes/pull/54).
- k8s - Fix argspec for 'elements' (https://github.com/ansible-collections/community.kubernetes/issues/13).
- k8s - Use ``from_yaml`` filter with lookup examples in ``k8s`` module documentation
examples (https://github.com/ansible-collections/community.kubernetes/pull/56).
- k8s_service - Fix argspec (https://github.com/ansible-collections/community.kubernetes/issues/33).
- kubectl - Fix documentation in kubectl connection plugin (https://github.com/ansible-collections/community.kubernetes/pull/52).
major_changes:
- k8s_exec - New module for executing commands on pods via Kubernetes API (https://github.com/ansible-collections/community.kubernetes/pull/14).
- k8s_log - New module for retrieving pod logs (https://github.com/ansible-collections/community.kubernetes/pull/16).
minor_changes:
- k8s - Added ``persist_config`` option for persisting refreshed tokens (https://github.com/ansible-collections/community.kubernetes/issues/49).
security_fixes:
- kubectl - Warn about information disclosure when using options like ``kubectl_password``,
``kubectl_extra_args``, and ``kubectl_token`` to pass data through to the
command line using the ``kubectl`` connection plugin (https://github.com/ansible-collections/community.kubernetes/pull/51).
fragments:
- 13-fix-elements-argspec.yaml
- 14-k8s_exec-new-module.yaml
- 16-k8s_log-new-module.yaml
- 33-k8s_service-fix-argspec.yaml
- 49-k8s-add-persist_config-option.yaml
- 51-kubectl-security-disclosure.yaml
- 52-kubectl-connection-docsfix.yaml
- 54-k8s-add-exception-handling.yaml
- 56-k8s-from_yaml-docs-examples.yaml
modules:
- description: Execute command in Pod
name: k8s_exec
namespace: ''
- description: Fetch logs from Kubernetes resources
name: k8s_log
namespace: ''
release_date: '2020-03-23'
0.11.0:
changes:
bugfixes:
- Make sure extra files are not included in built collection (https://github.com/ansible-collections/community.kubernetes/pull/85).
- Update GitHub Actions workflow for better CI stability (https://github.com/ansible-collections/community.kubernetes/pull/78).
- k8s_log - Module no longer attempts to parse log as JSON (https://github.com/ansible-collections/community.kubernetes/pull/69).
major_changes:
- helm - New module for managing Helm charts (https://github.com/ansible-collections/community.kubernetes/pull/61).
- helm_info - New module for retrieving Helm chart information (https://github.com/ansible-collections/community.kubernetes/pull/61).
- helm_repository - New module for managing Helm repositories (https://github.com/ansible-collections/community.kubernetes/pull/61).
minor_changes:
- Rename repository to ``community.kubernetes`` (https://github.com/ansible-collections/community.kubernetes/pull/81).
fragments:
- 61-helm-new-modules.yaml
- 69-k8s_log-dont-parse-as-json.yaml
- 78-github-actions-workflow.yaml
- 81-rename-repository.yaml
- 85-exclude-unnecessary-files-when-building.yaml
modules:
- description: Manages Kubernetes packages with the Helm package manager
name: helm
namespace: ''
- description: Get information from Helm package deployed inside the cluster
name: helm_info
namespace: ''
- description: Add and remove Helm repository
name: helm_repository
namespace: ''
release_date: '2020-05-04'
0.11.1:
changes:
bugfixes:
- Fix suboption docs structure for inventory plugins (https://github.com/ansible-collections/community.kubernetes/pull/103).
- Handle invalid kubeconfig parsing error (https://github.com/ansible-collections/community.kubernetes/pull/119).
- Make sure Service changes run correctly in check_mode (https://github.com/ansible-collections/community.kubernetes/pull/84).
- k8s_info - remove unneccessary k8s_facts deprecation notice (https://github.com/ansible-collections/community.kubernetes/pull/97).
- k8s_scale - Fix scale wait and add tests (https://github.com/ansible-collections/community.kubernetes/pull/100).
- raw - handle condition when definition is none (https://github.com/ansible-collections/community.kubernetes/pull/139).
major_changes:
- Add changelog and fragments and document changelog process (https://github.com/ansible-collections/community.kubernetes/pull/131).
minor_changes:
- Add action groups for playbooks with module_defaults (https://github.com/ansible-collections/community.kubernetes/pull/107).
- Add requires_ansible version constraints to runtime.yml (https://github.com/ansible-collections/community.kubernetes/pull/126).
- Add sanity test ignore file for Ansible 2.11 (https://github.com/ansible-collections/community.kubernetes/pull/130).
- Add test for openshift apply bug (https://github.com/ansible-collections/community.kubernetes/pull/94).
- Add version_added to each new collection module (https://github.com/ansible-collections/community.kubernetes/pull/98).
- Check Python code using flake8 (https://github.com/ansible-collections/community.kubernetes/pull/123).
- Don't require project coverage check on PRs (https://github.com/ansible-collections/community.kubernetes/pull/102).
- Improve k8s Deployment and Daemonset wait conditions (https://github.com/ansible-collections/community.kubernetes/pull/35).
- Minor documentation fixes and use of FQCN in some examples (https://github.com/ansible-collections/community.kubernetes/pull/114).
- Remove action_groups_redirection entry from meta/runtime.yml (https://github.com/ansible-collections/community.kubernetes/pull/127).
- Remove deprecated ANSIBLE_METADATA field (https://github.com/ansible-collections/community.kubernetes/pull/95).
- Use FQCN in module docs and plugin examples (https://github.com/ansible-collections/community.kubernetes/pull/146).
- Use improved kubernetes diffs where possible (https://github.com/ansible-collections/community.kubernetes/pull/105).
- helm - add 'atomic' option (https://github.com/ansible-collections/community.kubernetes/pull/115).
- helm - minor code refactoring (https://github.com/ansible-collections/community.kubernetes/pull/110).
- helm_info and helm_repository - minor code refactor (https://github.com/ansible-collections/community.kubernetes/pull/117).
- k8s - Handle set object retrieved from lookup plugin (https://github.com/ansible-collections/community.kubernetes/pull/118).
fragments:
- 100-k8s_scale-fix-wait.yaml
- 102-dont-require-codecov-check-prs.yaml
- 103-fix-inventory-docs-structure.yaml
- 105-improved-k8s-diffs.yaml
- 107-action-groups-module_defaults.yaml
- 110-helm-minor-refactor.yaml
- 114-minor-docs-fixes.yaml
- 115-helm-add-atomic.yaml
- 117-helm-minor-refactor.yaml
- 118-k8s-lookup-handle-set-object.yaml
- 119-handle-kubeconfig-error.yaml
- 123-flake8.yaml
- 126-requires_ansible-version-constraints.yaml
- 127-remove-action_groups_redirection.yaml
- 130-add-sanity-ignore-211.yaml
- 131-changelog-fragments.yaml
- 139-fix-manifest-ends-with-separator.yml
- 146-fqcn-in-docs.yaml
- 35-wait-conditions.yaml
- 84-check_mode-service-change.yaml
- 94-openshift-apply-test.yaml
- 95-remove-ANSIBLE_METADATA.yaml
- 97-remove-k8s_facts-deprecation.yaml
- 98-add-version_added.yaml
release_date: '2020-07-01'
0.9.0:
changes:
major_changes:
- k8s - Inventory source migrated from Ansible 2.9 to Kubernetes collection.
- k8s - Lookup plugin migrated from Ansible 2.9 to Kubernetes collection.
- k8s - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_auth - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_config_resource_name - Filter plugin migrated from Ansible 2.9 to Kubernetes
collection.
- k8s_info - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_scale - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_service - Module migrated from Ansible 2.9 to Kubernetes collection.
- kubectl - Connection plugin migrated from Ansible 2.9 to Kubernetes collection.
- openshift - Inventory source migrated from Ansible 2.9 to Kubernetes collection.
fragments:
- 4-k8s-prepare-collection-for-release.yaml
release_date: '2020-02-05'
1.0.0:
changes:
bugfixes:
- Test against stable ansible branch so molecule tests work (https://github.com/ansible-collections/community.kubernetes/pull/168).
- Update openshift requirements in k8s module doc (https://github.com/ansible-collections/community.kubernetes/pull/153).
major_changes:
- helm_plugin - new module to manage Helm plugins (https://github.com/ansible-collections/community.kubernetes/pull/154).
- helm_plugin_info - new modules to gather information about Helm plugins (https://github.com/ansible-collections/community.kubernetes/pull/154).
- k8s_exec - Return rc for the command executed (https://github.com/ansible-collections/community.kubernetes/pull/158).
minor_changes:
- Ensure check mode results are as expected (https://github.com/ansible-collections/community.kubernetes/pull/155).
- Update base branch to 'main' (https://github.com/ansible-collections/community.kubernetes/issues/148).
- helm - Add support for K8S_AUTH_CONTEXT, K8S_AUTH_KUBECONFIG env (https://github.com/ansible-collections/community.kubernetes/pull/141).
- helm - Allow creating namespaces with Helm (https://github.com/ansible-collections/community.kubernetes/pull/157).
- helm - add aliases context for kube_context (https://github.com/ansible-collections/community.kubernetes/pull/152).
- helm - add support for K8S_AUTH_KUBECONFIG and K8S_AUTH_CONTEXT environment
variable (https://github.com/ansible-collections/community.kubernetes/issues/140).
- helm_info - add aliases context for kube_context (https://github.com/ansible-collections/community.kubernetes/pull/152).
- helm_info - add support for K8S_AUTH_KUBECONFIG and K8S_AUTH_CONTEXT environment
variable (https://github.com/ansible-collections/community.kubernetes/issues/140).
- k8s_exec - return RC for the command executed (https://github.com/ansible-collections/community.kubernetes/issues/122).
- k8s_info - Update example using vars (https://github.com/ansible-collections/community.kubernetes/pull/156).
security_fixes:
- kubectl - connection plugin now redact kubectl_token and kubectl_password
in console log (https://github.com/ansible-collections/community.kubernetes/issues/65).
- kubectl - redacted token and password from console log (https://github.com/ansible-collections/community.kubernetes/pull/159).
fragments:
- 122_k8s_exec_rc.yml
- 140-kubeconfig-env.yaml
- 141-helm-add-k8s-env-vars.yaml
- 148-update-base-branch-main.yaml
- 152-helm-context-aliases.yml
- 153-update-openshift-requirements.yaml
- 154-helm_plugin-helm_plugin_info-new-modules.yaml
- 155-ensure-check-mode-waits.yaml
- 156-k8s_info-vars-example.yaml
- 157-helm-create-namespace.yaml
- 158-k8s_exec-return-rc.yaml
- 159-kubectl-redact-token-and-password.yaml
- 168-test-stable-ansible.yaml
- 65_kubectl.yml
modules:
- description: Manage Helm plugins
name: helm_plugin
namespace: ''
- description: Gather information about Helm plugins
name: helm_plugin_info
namespace: ''
release_date: '2020-07-28'

30
changelogs/config.yaml Normal file
View File

@@ -0,0 +1,30 @@
---
changelog_filename_template: ../CHANGELOG.rst
changelog_filename_version_depth: 0
changes_file: changelog.yaml
changes_format: combined
keep_fragments: true
mention_ancestor: true
new_plugins_after_name: removed_features
notesdir: fragments
prelude_section_name: release_summary
prelude_section_title: Release Summary
sections:
- - major_changes
- Major Changes
- - minor_changes
- Minor Changes
- - breaking_changes
- Breaking Changes / Porting Guide
- - deprecated_features
- Deprecated Features
- - removed_features
- Removed Features (previously deprecated)
- - security_fixes
- Security Fixes
- - bugfixes
- Bugfixes
- - known_issues
- Known Issues
title: Kubernetes Collection
trivial_section_name: trivial

3
changelogs/fragments/100-k8s_scale-fix-wait.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s_scale - Fix scale wait and add tests (https://github.com/ansible-collections/community.kubernetes/pull/100).

3
changelogs/fragments/102-dont-require-codecov-check-prs.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Don't require project coverage check on PRs (https://github.com/ansible-collections/community.kubernetes/pull/102).

3
changelogs/fragments/103-fix-inventory-docs-structure.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Fix suboption docs structure for inventory plugins (https://github.com/ansible-collections/community.kubernetes/pull/103).

3
changelogs/fragments/105-improved-k8s-diffs.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Use improved kubernetes diffs where possible (https://github.com/ansible-collections/community.kubernetes/pull/105).

2
changelogs/fragments/106-helm_replace.yml Normal file
View File

@@ -0,0 +1,2 @@
bugfixes:
- helm - add replace parameter (https://github.com/ansible-collections/community.kubernetes/issues/106).

3
changelogs/fragments/107-action-groups-module_defaults.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Add action groups for playbooks with module_defaults (https://github.com/ansible-collections/community.kubernetes/pull/107).

3
changelogs/fragments/110-helm-minor-refactor.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- helm - minor code refactoring (https://github.com/ansible-collections/community.kubernetes/pull/110).

3
changelogs/fragments/114-minor-docs-fixes.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Minor documentation fixes and use of FQCN in some examples (https://github.com/ansible-collections/community.kubernetes/pull/114).

3
changelogs/fragments/115-helm-add-atomic.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- helm - add 'atomic' option (https://github.com/ansible-collections/community.kubernetes/pull/115).

3
changelogs/fragments/117-helm-minor-refactor.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- helm_info and helm_repository - minor code refactor (https://github.com/ansible-collections/community.kubernetes/pull/117).

3
changelogs/fragments/118-k8s-lookup-handle-set-object.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- k8s - Handle set object retrieved from lookup plugin (https://github.com/ansible-collections/community.kubernetes/pull/118).

3
changelogs/fragments/119-handle-kubeconfig-error.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Handle invalid kubeconfig parsing error (https://github.com/ansible-collections/community.kubernetes/pull/119).

2
changelogs/fragments/122_k8s_exec_rc.yml Normal file
View File

@@ -0,0 +1,2 @@
minor_changes:
- k8s_exec - return RC for the command executed (https://github.com/ansible-collections/community.kubernetes/issues/122).

3
changelogs/fragments/123-flake8.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Check Python code using flake8 (https://github.com/ansible-collections/community.kubernetes/pull/123).

3
changelogs/fragments/126-requires_ansible-version-constraints.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Add requires_ansible version constraints to runtime.yml (https://github.com/ansible-collections/community.kubernetes/pull/126).

3
changelogs/fragments/127-remove-action_groups_redirection.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Remove action_groups_redirection entry from meta/runtime.yml (https://github.com/ansible-collections/community.kubernetes/pull/127).

3
changelogs/fragments/13-fix-elements-argspec.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s - Fix argspec for 'elements' (https://github.com/ansible-collections/community.kubernetes/issues/13).

3
changelogs/fragments/130-add-sanity-ignore-211.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Add sanity test ignore file for Ansible 2.11 (https://github.com/ansible-collections/community.kubernetes/pull/130).

3
changelogs/fragments/131-changelog-fragments.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
major_changes:
- Add changelog and fragments and document changelog process (https://github.com/ansible-collections/community.kubernetes/pull/131).

3
changelogs/fragments/139-fix-manifest-ends-with-separator.yml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- raw - handle condition when definition is none (https://github.com/ansible-collections/community.kubernetes/pull/139).

3
changelogs/fragments/14-k8s_exec-new-module.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
major_changes:
- k8s_exec - New module for executing commands on pods via Kubernetes API (https://github.com/ansible-collections/community.kubernetes/pull/14).

4
changelogs/fragments/140-kubeconfig-env.yaml Normal file
View File

@@ -0,0 +1,4 @@
---
minor_changes:
- helm - add support for K8S_AUTH_KUBECONFIG and K8S_AUTH_CONTEXT environment variable (https://github.com/ansible-collections/community.kubernetes/issues/140).
- helm_info - add support for K8S_AUTH_KUBECONFIG and K8S_AUTH_CONTEXT environment variable (https://github.com/ansible-collections/community.kubernetes/issues/140).

3
changelogs/fragments/141-helm-add-k8s-env-vars.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- helm - Add support for K8S_AUTH_CONTEXT, K8S_AUTH_KUBECONFIG env (https://github.com/ansible-collections/community.kubernetes/pull/141).

3
changelogs/fragments/146-fqcn-in-docs.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Use FQCN in module docs and plugin examples (https://github.com/ansible-collections/community.kubernetes/pull/146).

3
changelogs/fragments/148-update-base-branch-main.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Update base branch to 'main' (https://github.com/ansible-collections/community.kubernetes/issues/148).

4
changelogs/fragments/152-helm-context-aliases.yml Normal file
View File

@@ -0,0 +1,4 @@
---
minor_changes:
- helm - add aliases context for kube_context (https://github.com/ansible-collections/community.kubernetes/pull/152).
- helm_info - add aliases context for kube_context (https://github.com/ansible-collections/community.kubernetes/pull/152).

3
changelogs/fragments/153-update-openshift-requirements.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Update openshift requirements in k8s module doc (https://github.com/ansible-collections/community.kubernetes/pull/153).

4
changelogs/fragments/154-helm_plugin-helm_plugin_info-new-modules.yaml Normal file
View File

@@ -0,0 +1,4 @@
---
major_changes:
- helm_plugin - new module to manage Helm plugins (https://github.com/ansible-collections/community.kubernetes/pull/154).
- helm_plugin_info - new modules to gather information about Helm plugins (https://github.com/ansible-collections/community.kubernetes/pull/154).

3
changelogs/fragments/155-ensure-check-mode-waits.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Ensure check mode results are as expected (https://github.com/ansible-collections/community.kubernetes/pull/155).

3
changelogs/fragments/156-k8s_info-vars-example.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- k8s_info - Update example using vars (https://github.com/ansible-collections/community.kubernetes/pull/156).

3
changelogs/fragments/157-helm-create-namespace.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- helm - Allow creating namespaces with Helm (https://github.com/ansible-collections/community.kubernetes/pull/157).

3
changelogs/fragments/158-k8s_exec-return-rc.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
major_changes:
- k8s_exec - Return rc for the command executed (https://github.com/ansible-collections/community.kubernetes/pull/158).

3
changelogs/fragments/159-kubectl-redact-token-and-password.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
security_fixes:
- kubectl - redacted token and password from console log (https://github.com/ansible-collections/community.kubernetes/pull/159).

3
changelogs/fragments/16-k8s_log-new-module.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
major_changes:
- k8s_log - New module for retrieving pod logs (https://github.com/ansible-collections/community.kubernetes/pull/16).

3
changelogs/fragments/168-test-stable-ansible.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Test against stable ansible branch so molecule tests work (https://github.com/ansible-collections/community.kubernetes/pull/168).

2
changelogs/fragments/200_kubectl_fix.yml Normal file
View File

@@ -0,0 +1,2 @@
minor_changes:
- kubectl plugin - correct console log (https://github.com/ansible-collections/community.kubernetes/issues/200).

2
changelogs/fragments/202_k8s_info.yml Normal file
View File

@@ -0,0 +1,2 @@
minor_changes:
- k8s_info - update custom resource example (https://github.com/ansible-collections/community.kubernetes/issues/202).

3
changelogs/fragments/33-k8s_service-fix-argspec.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s_service - Fix argspec (https://github.com/ansible-collections/community.kubernetes/issues/33).

3
changelogs/fragments/35-wait-conditions.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Improve k8s Deployment and Daemonset wait conditions (https://github.com/ansible-collections/community.kubernetes/pull/35).

12
changelogs/fragments/4-k8s-prepare-collection-for-release.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
major_changes:
- k8s - Inventory source migrated from Ansible 2.9 to Kubernetes collection.
- k8s - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s - Lookup plugin migrated from Ansible 2.9 to Kubernetes collection.
- k8s_auth - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_info - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_scale - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_service - Module migrated from Ansible 2.9 to Kubernetes collection.
- k8s_config_resource_name - Filter plugin migrated from Ansible 2.9 to Kubernetes collection.
- kubectl - Connection plugin migrated from Ansible 2.9 to Kubernetes collection.
- openshift - Inventory source migrated from Ansible 2.9 to Kubernetes collection.

3
changelogs/fragments/49-k8s-add-persist_config-option.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- k8s - Added ``persist_config`` option for persisting refreshed tokens (https://github.com/ansible-collections/community.kubernetes/issues/49).

3
changelogs/fragments/51-kubectl-security-disclosure.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
security_fixes:
- kubectl - Warn about information disclosure when using options like ``kubectl_password``, ``kubectl_extra_args``, and ``kubectl_token`` to pass data through to the command line using the ``kubectl`` connection plugin (https://github.com/ansible-collections/community.kubernetes/pull/51).

3
changelogs/fragments/52-kubectl-connection-docsfix.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- kubectl - Fix documentation in kubectl connection plugin (https://github.com/ansible-collections/community.kubernetes/pull/52).

3
changelogs/fragments/54-k8s-add-exception-handling.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s - Add exception handling when retrieving k8s client (https://github.com/ansible-collections/community.kubernetes/pull/54).

3
changelogs/fragments/56-k8s-from_yaml-docs-examples.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s - Use ``from_yaml`` filter with lookup examples in ``k8s`` module documentation examples (https://github.com/ansible-collections/community.kubernetes/pull/56).

5
changelogs/fragments/61-helm-new-modules.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
major_changes:
- helm - New module for managing Helm charts (https://github.com/ansible-collections/community.kubernetes/pull/61).
- helm_info - New module for retrieving Helm chart information (https://github.com/ansible-collections/community.kubernetes/pull/61).
- helm_repository - New module for managing Helm repositories (https://github.com/ansible-collections/community.kubernetes/pull/61).

2
changelogs/fragments/65_kubectl.yml Normal file
View File

@@ -0,0 +1,2 @@
security_fixes:
- kubectl - connection plugin now redact kubectl_token and kubectl_password in console log (https://github.com/ansible-collections/community.kubernetes/issues/65).

3
changelogs/fragments/69-k8s_log-dont-parse-as-json.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s_log - Module no longer attempts to parse log as JSON (https://github.com/ansible-collections/community.kubernetes/pull/69).

3
changelogs/fragments/78-github-actions-workflow.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Update GitHub Actions workflow for better CI stability (https://github.com/ansible-collections/community.kubernetes/pull/78).

3
changelogs/fragments/81-rename-repository.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Rename repository to ``community.kubernetes`` (https://github.com/ansible-collections/community.kubernetes/pull/81).

3
changelogs/fragments/84-check_mode-service-change.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Make sure Service changes run correctly in check_mode (https://github.com/ansible-collections/community.kubernetes/pull/84).

3
changelogs/fragments/85-exclude-unnecessary-files-when-building.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- Make sure extra files are not included in built collection (https://github.com/ansible-collections/community.kubernetes/pull/85).

3
changelogs/fragments/94-openshift-apply-test.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Add test for openshift apply bug (https://github.com/ansible-collections/community.kubernetes/pull/94).

3
changelogs/fragments/95-remove-ANSIBLE_METADATA.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Remove deprecated ANSIBLE_METADATA field (https://github.com/ansible-collections/community.kubernetes/pull/95).

3
changelogs/fragments/97-remove-k8s_facts-deprecation.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
bugfixes:
- k8s_info - remove unneccessary k8s_facts deprecation notice (https://github.com/ansible-collections/community.kubernetes/pull/97).

3
changelogs/fragments/98-add-version_added.yaml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Add version_added to each new collection module (https://github.com/ansible-collections/community.kubernetes/pull/98).

3
codecov.yml
View File

@@ -3,3 +3,6 @@ coverage:
precision: 2
round: down
range: "70...100"
status:
project:
default: false

2
galaxy.yml
View File

@@ -26,7 +26,7 @@ tags:
- openshift
- okd
- cluster
version: 0.11.0
version: 1.0.0
build_ignore:
- .DS_Store
- '*.tar.gz'

43
meta/runtime.yml Normal file
View File

@@ -0,0 +1,43 @@
---
requires_ansible: '>=2.9'
action_groups:
helm:
- helm
- helm_info
- helm_repository
k8s:
- k8s
- k8s_auth
- k8s_exec
- k8s_facts
- k8s_info
- k8s_log
- k8s_scale
- k8s_service
plugin_routing:
modules:
# k8s_facts was originally slated for removal in Ansible 2.13.
k8s_facts:
redirect: community.kubernetes.k8s_info
deprecation:
removal_version: 2.0.0
warning_text: Use community.kubernetes.k8s_info instead.
k8s_raw:
tombstone:
removal_version: 0.1.0
warning_text: The k8s_raw module was slated for deprecation in Ansible 2.10 and has been removed. Use community.kubernetes.k8s instead.
openshift_raw:
tombstone:
removal_version: 0.1.0
warning_text: The openshift_raw module was slated for deprecation in Ansible 2.10 and has been removed. Use community.kubernetes.k8s instead.
openshift_scale:
tombstone:
removal_version: 0.1.0
warning_text: The openshift_scale module was slated for deprecation in Ansible 2.10 and has been removed. Use community.kubernetes.k8s_scale instead.
lookup:
openshift:
tombstone:
removal_version: 0.1.0
warning_text: The openshift lookup plugin was slated for deprecation in Ansible 2.10 and has been removed. Use community.kubernetes.k8s instead.

85
molecule/default/converge.yml
View File

@@ -21,6 +21,7 @@
that: (pod_list.resources | count) > 5
- include_tasks: tasks/delete.yml
- include_tasks: tasks/scale.yml
- include_tasks: tasks/apply.yml
- include_tasks: tasks/waiter.yml
- include_tasks: tasks/full.yml
@@ -29,3 +30,87 @@
roles:
- helm
post_tasks:
- name: Ensure namespace exists
k8s:
api_version: v1
kind: Namespace
name: inventory
- name: Add a deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: inventory
namespace: inventory
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
wait_timeout: 120
vars:
k8s_pod_name: inventory
k8s_pod_image: python
k8s_pod_command:
- python
- '-m'
- http.server
k8s_pod_env:
- name: TEST
value: test
- meta: refresh_inventory
- name: Verify inventory and connection plugins
hosts: namespace_inventory_pods
gather_facts: no
vars:
file_content: |
Hello world
tasks:
- name: End play if host not running (TODO should we not add these to the inventory?)
meta: end_host
when: pod_phase != "Running"
- debug: var=hostvars
- setup:
- debug: var=ansible_facts
- name: Assert the TEST environment variable was retrieved
assert:
that: ansible_facts.env.TEST == 'test'
- name: Copy a file into the host
copy:
content: '{{ file_content }}'
dest: /tmp/test_file
- name: Retrieve the file from the host
slurp:
src: /tmp/test_file
register: slurped_file
- name: Assert the file content matches expectations
assert:
that: (slurped_file.content|b64decode) == file_content
- name: Delete inventory namespace
hosts: localhost
connection: local
gather_facts: no
tasks:
- name: Remove inventory namespace
k8s:
api_version: v1
kind: Namespace
name: inventory
state: absent

8
molecule/default/molecule.yml
View File

@@ -9,18 +9,26 @@ driver:
lint: |
set -e
yamllint .
flake8
platforms:
- name: instance-kind
provisioner:
name: ansible
log: true
config_options:
inventory:
enable_plugins: community.kubernetes.k8s
lint: {}
inventory:
hosts:
plugin: community.kubernetes.k8s
host_vars:
localhost:
ansible_python_interpreter: '{{ ansible_playbook_python }}'
env:
ANSIBLE_FORCE_COLOR: 'true'
options:
vvv: True
scenario:
name: default
test_sequence:

2
molecule/default/roles/helm/tasks/main.yml
View File

@@ -4,4 +4,4 @@
loop_control:
loop_var: helm_version
with_items:
- "v3.1.2"
- "v3.2.4"

3
molecule/default/roles/helm/tasks/run_test.yml
View File

@@ -24,6 +24,9 @@
- from_repository
- from_url
- name: Test helm plugin
include_tasks: tests_helm_plugin.yml
- name: Clean helm install
file:
path: "{{ item }}"

81
molecule/default/roles/helm/tasks/tests_chart.yml
View File

@@ -1,11 +1,4 @@
---
- name: Create helm namespace
k8s:
api_version: v1
kind: Namespace
name: "{{ helm_namespace }}"
wait: true
- name: Check helm_info empty
helm_info:
binary_path: "{{ helm_binary }}"
@@ -18,6 +11,22 @@
that:
- empty_info.status is undefined
- name: "Install fail {{ chart_test }} from {{ source }}"
helm:
binary_path: "{{ helm_binary }}"
name: test
chart_ref: "{{ chart_source }}"
chart_version: "{{ chart_source_version | default(omit) }}"
namespace: "{{ helm_namespace }}"
ignore_errors: yes
register: install_fail
- name: "Assert that Install fail {{ chart_test }} from {{ source }}"
assert:
that:
- install_fail is failed
- "'Error: create: failed to create: namespaces \"' + helm_namespace + '\" not found' in install_fail.stderr"
- name: "Install {{ chart_test }} from {{ source }}"
helm:
binary_path: "{{ helm_binary }}"
@@ -25,6 +34,7 @@
chart_ref: "{{ chart_source }}"
chart_version: "{{ chart_source_version | default(omit) }}"
namespace: "{{ helm_namespace }}"
create_namespace: true
register: install
- name: "Assert that {{ chart_test }} chart is installed from {{ source }}"
@@ -191,6 +201,63 @@
that:
- install is not changed
# Test --replace
- name: Install chart for replace option
helm:
binary_path: "{{ helm_binary }}"
name: test-0001
chart_ref: "{{ chart_source }}"
chart_version: "{{ chart_source_version | default(omit) }}"
namespace: "{{ helm_namespace }}"
register: install
- name: "Assert that {{ chart_test }} chart is installed from {{ source }}"
assert:
that:
- install is changed
- name: Remove {{ chart_test }} with --purge
helm:
binary_path: "{{ helm_binary }}"
state: absent
name: test-0001
purge: False
namespace: "{{ helm_namespace }}"
register: install
- name: Check if chart is removed
assert:
that:
- install is changed
- name: Install chart again with same name test-0001
helm:
binary_path: "{{ helm_binary }}"
name: test-0001
chart_ref: "{{ chart_source }}"
chart_version: "{{ chart_source_version | default(omit) }}"
namespace: "{{ helm_namespace }}"
replace: True
register: install
- name: "Assert that {{ chart_test }} chart is installed from {{ source }}"
assert:
that:
- install is changed
- name: Remove {{ chart_test }} (cleanup)
helm:
binary_path: "{{ helm_binary }}"
state: absent
name: test-0001
namespace: "{{ helm_namespace }}"
register: install
- name: Check if chart is removed
assert:
that:
- install is changed
- name: Remove helm namespace
k8s:
api_version: v1

84
molecule/default/roles/helm/tasks/tests_helm_plugin.yml Normal file
View File

@@ -0,0 +1,84 @@
---
- name: Install env plugin in check mode
helm_plugin:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
state: present
plugin_path: https://github.com/adamreese/helm-env
register: check_install_env
check_mode: true
- assert:
that:
- check_install_env.changed
- name: Install env plugin
helm_plugin:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
state: present
plugin_path: https://github.com/adamreese/helm-env
register: install_env
- assert:
that:
- install_env.changed
- name: Gather info about all plugin
helm_plugin_info:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
register: plugin_info
- assert:
that:
- plugin_info.plugin_list is defined
- name: Install env plugin again
helm_plugin:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
state: present
plugin_path: https://github.com/adamreese/helm-env
register: install_env
- assert:
that:
- not install_env.changed
- name: Uninstall env plugin in check mode
helm_plugin:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
state: absent
plugin_name: env
register: check_uninstall_env
check_mode: true
- assert:
that:
- check_uninstall_env.changed
- name: Uninstall env plugin
helm_plugin:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
state: absent
plugin_name: env
register: uninstall_env
- assert:
that:
- uninstall_env.changed
- name: Uninstall env plugin again
helm_plugin:
binary_path: "{{ helm_binary }}"
namespace: "{{ helm_namespace }}"
state: absent
plugin_name: env
register: uninstall_env
- assert:
that:
- not uninstall_env.changed

590
molecule/default/tasks/apply.yml
View File

@@ -154,6 +154,30 @@
that:
- k8s_service_2 is not changed
- name: Add exactly same service in check mode
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8080
targetPort: 8080
apply: yes
register: k8s_service_3
check_mode: yes
- name: Check nothing changed
assert:
that:
- k8s_service_3 is not changed
- name: Change service ports
k8s:
definition:
@@ -170,14 +194,572 @@
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_3
register: k8s_service_4
- name: Check ports are correct
assert:
that:
- k8s_service_3 is changed
- k8s_service_3.result.spec.ports | length == 1
- k8s_service_3.result.spec.ports[0].port == 8081
- k8s_service_4 is changed
- k8s_service_4.result.spec.ports | length == 1
- k8s_service_4.result.spec.ports[0].port == 8081
- name: Insert new service port
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: mesh
port: 8080
targetPort: 8080
- name: http
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_4
- name: Check ports are correct
assert:
that:
- k8s_service_4 is changed
- k8s_service_4.result.spec.ports | length == 2
- k8s_service_4.result.spec.ports[0].port == 8080
- k8s_service_4.result.spec.ports[1].port == 8081
- name: Remove new service port (check mode)
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8081
targetPort: 8081
apply: yes
check_mode: yes
register: k8s_service_check
- name: Check ports are correct
assert:
that:
- k8s_service_check is changed
- k8s_service_check.result.spec.ports | length == 1
- k8s_service_check.result.spec.ports[0].port == 8081
- name: Remove new service port
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_5
- name: Check ports are correct
assert:
that:
- k8s_service_5 is changed
- k8s_service_5.result.spec.ports | length == 1
- k8s_service_5.result.spec.ports[0].port == 8081
- name: Add a serviceaccount
k8s:
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
- name: Add a deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
k8s_pod_resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 100m
memory: 100Mi
- name: Update the earlier deployment in check mode
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
check_mode: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-purple
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
k8s_pod_resources:
requests:
cpu: 50m
limits:
cpu: 50m
memory: 50Mi
register: update_deploy_check_mode
- name: Ensure check mode change took
assert:
that:
- update_deploy_check_mode is changed
- "update_deploy_check_mode.result.spec.template.spec.containers[0].image == 'gcr.io/kuar-demo/kuard-amd64:v0.10.0-purple'"
- name: Update the earlier deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-purple
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
k8s_pod_resources:
requests:
cpu: 50m
limits:
cpu: 50m
memory: 50Mi
register: update_deploy_for_real
- name: Ensure change took
assert:
that:
- update_deploy_for_real is changed
- "update_deploy_for_real.result.spec.template.spec.containers[0].image == 'gcr.io/kuar-demo/kuard-amd64:v0.10.0-purple'"
- name: Remove the serviceaccount
k8s:
state: absent
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
- name: Apply deployment after service account removed
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
k8s_pod_resources:
requests:
cpu: 50m
limits:
cpu: 50m
memory: 50Mi
register: deploy_after_serviceaccount_removal
ignore_errors: yes
- name: Ensure that updating deployment after service account removal failed
assert:
that:
- deploy_after_serviceaccount_removal is failed
- name: Insert new service port
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: mesh
port: 8080
targetPort: 8080
- name: http
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_4
- name: Check ports are correct
assert:
that:
- k8s_service_4 is changed
- k8s_service_4.result.spec.ports | length == 2
- k8s_service_4.result.spec.ports[0].port == 8080
- k8s_service_4.result.spec.ports[1].port == 8081
- name: Remove new service port (check mode)
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8081
targetPort: 8081
apply: yes
check_mode: yes
register: k8s_service_check
- name: Check ports are correct
assert:
that:
- k8s_service_check is changed
- k8s_service_check.result.spec.ports | length == 1
- k8s_service_check.result.spec.ports[0].port == 8081
- name: Remove new service port
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_5
- name: Check ports are correct
assert:
that:
- k8s_service_5 is changed
- k8s_service_5.result.spec.ports | length == 1
- k8s_service_5.result.spec.ports[0].port == 8081
- name: Add a serviceaccount
k8s:
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
- name: Add a deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
- name: Remove the serviceaccount
k8s:
state: absent
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
- name: Update the earlier deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 2
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-purple
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
register: deploy_after_serviceaccount_removal
ignore_errors: yes
- name: Ensure that updating deployment after service account removal failed
assert:
that:
- deploy_after_serviceaccount_removal is failed
- name: Insert new service port
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: mesh
port: 8080
targetPort: 8080
- name: http
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_4
- name: Check ports are correct
assert:
that:
- k8s_service_4 is changed
- k8s_service_4.result.spec.ports | length == 2
- k8s_service_4.result.spec.ports[0].port == 8080
- k8s_service_4.result.spec.ports[1].port == 8081
- name: Remove new service port (check mode)
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8081
targetPort: 8081
apply: yes
check_mode: yes
register: k8s_service_check
- name: Check ports are correct
assert:
that:
- k8s_service_check is changed
- k8s_service_check.result.spec.ports | length == 1
- k8s_service_check.result.spec.ports[0].port == 8081
- name: Remove new service port
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: apply-svc
namespace: "{{ apply_namespace }}"
spec:
selector:
app: whatever
ports:
- name: http
port: 8081
targetPort: 8081
apply: yes
register: k8s_service_5
- name: Check ports are correct
assert:
that:
- k8s_service_5 is changed
- k8s_service_5.result.spec.ports | length == 1
- k8s_service_5.result.spec.ports[0].port == 8081
- name: Add a serviceaccount
k8s:
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
- name: Add a deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
- name: Remove the serviceaccount
k8s:
state: absent
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
- name: Update the earlier deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: apply-deploy
namespace: "{{ apply_namespace }}"
spec:
replicas: 2
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
apply: yes
vars:
k8s_pod_name: apply-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-purple
k8s_pod_service_account: apply-deploy
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
register: deploy_after_serviceaccount_removal
ignore_errors: yes
- name: Ensure that updating deployment after service account removal failed
assert:
that:
- deploy_after_serviceaccount_removal is failed
always:
- name: Remove namespace

13
molecule/default/tasks/exec.yml
View File

@@ -43,6 +43,19 @@
that:
- "'nameserver' in output.stdout"
- name: Check if rc is returned for the given command
k8s_exec:
namespace: "{{ exec_namespace }}"
pod: "{{ pod }}"
command: 'false'
register: command_status
ignore_errors: True
- name: Check last command status
assert:
that:
- command_status.return_code != 0
always:
- name: "Cleanup namespace"
k8s:

7
molecule/default/tasks/full.yml
View File

@@ -185,6 +185,13 @@
metadata:
name: testing1
### https://github.com/ansible-collections/community.kubernetes/issues/111
- set_fact:
api_groups: "{{ lookup('k8s', cluster_info='api_groups') }}"
- debug:
var: api_groups
- name: Namespace should exist
k8s_info:
kind: Namespace

210
molecule/default/tasks/scale.yml Normal file
View File

@@ -0,0 +1,210 @@
---
- block:
- set_fact:
scale_namespace: scale
- name: Ensure namespace exists
k8s:
definition:
apiVersion: v1
kind: Namespace
metadata:
name: "{{ scale_namespace }}"
- name: Add a deployment
k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: scale-deploy
namespace: "{{ scale_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
wait_timeout: 60
apply: yes
vars:
k8s_pod_name: scale-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
- name: Get pods in scale-deploy
k8s_info:
kind: Pod
label_selectors:
- app=scale-deploy
namespace: "{{ scale_namespace }}"
field_selectors:
- status.phase=Running
- name: Scale the deployment
k8s_scale:
api_version: apps/v1
kind: Deployment
name: scale-deploy
namespace: "{{ scale_namespace }}"
replicas: 0
wait: yes
register: scale_down
- name: Get pods in scale-deploy
k8s_info:
kind: Pod
label_selectors:
- app=scale-deploy
namespace: "{{ scale_namespace }}"
field_selectors:
- status.phase=Running
register: scale_down_deploy_pods
until: "{{ scale_down_deploy_pods.resources | length == 0 }}"
retries: 6
delay: 5
- name: Ensure that scale down took effect
assert:
that:
- scale_down is changed
- '"duration" in scale_down'
- scale_down.diff
- name: Reapply the earlier deployment
k8s:
definition:
api_version: apps/v1
kind: Deployment
metadata:
name: scale-deploy
namespace: "{{ scale_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ k8s_pod_name }}"
template: "{{ k8s_pod_template }}"
wait: yes
wait_timeout: 60
apply: yes
vars:
k8s_pod_name: scale-deploy
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
k8s_pod_ports:
- containerPort: 8080
name: http
protocol: TCP
register: reapply_after_scale
- name: Get pods in scale-deploy
k8s_info:
kind: Pod
label_selectors:
- app=scale-deploy
namespace: "{{ scale_namespace }}"
field_selectors:
- status.phase=Running
register: scale_up_deploy_pods
- name: Ensure that reapply after scale worked
assert:
that:
- reapply_after_scale is changed
- scale_up_deploy_pods.resources | length == 1
- name: Scale the deployment up
k8s_scale:
api_version: apps/v1
kind: Deployment
name: scale-deploy
namespace: "{{ scale_namespace }}"
replicas: 2
wait: yes
wait_timeout: 60
register: scale_up
- name: Get pods in scale-deploy
k8s_info:
kind: Pod
label_selectors:
- app=scale-deploy
field_selectors:
- status.phase=Running
namespace: "{{ scale_namespace }}"
register: scale_up_further_deploy_pods
- name: Ensure that scale up worked
assert:
that:
- scale_up is changed
- '"duration" in scale_up'
- scale_up.diff
- scale_up_further_deploy_pods.resources | length == 2
- name: Don't scale the deployment up
k8s_scale:
api_version: apps/v1
kind: Deployment
name: scale-deploy
namespace: "{{ scale_namespace }}"
replicas: 2
wait: yes
register: scale_up_noop
- name: Get pods in scale-deploy
k8s_info:
kind: Pod
label_selectors:
- app=scale-deploy
field_selectors:
- status.phase=Running
namespace: "{{ scale_namespace }}"
register: scale_up_noop_pods
- name: Ensure that no-op scale up worked
assert:
that:
- scale_up_noop is not changed
- not scale_up_noop.diff
- scale_up_noop_pods.resources | length == 2
- '"duration" in scale_up_noop'
- name: Scale deployment down without wait
k8s_scale:
api_version: apps/v1
kind: Deployment
name: scale-deploy
namespace: "{{ scale_namespace }}"
replicas: 1
wait: no
register: scale_down_no_wait
- name: Ensure that scale down succeeds
k8s_info:
kind: Pod
label_selectors:
- app=scale-deploy
namespace: "{{ scale_namespace }}"
register: scale_down_no_wait_pods
retries: 6
delay: 5
until: "{{ scale_down_no_wait_pods.resources | length == 1 }}"
- name: Ensure that scale down without wait worked
assert:
that:
- scale_down_no_wait is changed
- scale_down_no_wait.diff
- scale_down_no_wait_pods.resources | length == 1
always:
- name: Remove namespace
k8s:
kind: Namespace
name: "{{ scale_namespace }}"
state: absent

18
molecule/default/tasks/waiter.yml
View File

@@ -83,11 +83,13 @@
k8s_pod_name: wait-ds
k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:2
register: update_ds_check_mode
check_mode: yes
- name: Check that check_mode returned changed
- name: Check that check_mode result contains the changes
assert:
that:
- update_ds_check_mode is changed
- "update_ds_check_mode.result.spec.template.spec.containers[0].image == 'gcr.io/kuar-demo/kuard-amd64:2'"
- name: Update a daemonset
k8s:
@@ -119,6 +121,8 @@
namespace: "{{ wait_namespace }}"
label_selectors:
- app=wait-ds
field_selectors:
- status.phase=Running
register: updated_ds_pods
- name: Check that daemonset wait worked
@@ -229,6 +233,12 @@
protocol: TCP
register: update_deploy
# It looks like the Deployment is updated to have the desired state *before* the pods are terminated
# Wait a couple of seconds to allow the old pods to at least get to Terminating state
- name: Avoid race condition
pause:
seconds: 2
- name: Get updated pods
k8s_info:
api_version: v1
@@ -236,13 +246,17 @@
namespace: "{{ wait_namespace }}"
label_selectors:
- app=wait-deploy
field_selectors:
- status.phase=Running
register: updated_deploy_pods
until: "{{ updated_deploy_pods.resources[0].spec.containers[0].image.endswith(':2') }}"
retries: 6
delay: 5
- name: Check that deployment wait worked
assert:
that:
- deploy.result.status.availableReplicas == deploy.result.status.replicas
- updated_deploy_pods.resources[0].spec.containers[0].image.endswith(":2")
- name: Pause a deployment
k8s:

17
molecule/default/vars/main.yml
View File

@@ -4,6 +4,7 @@ k8s_pod_metadata:
app: "{{ k8s_pod_name }}"
k8s_pod_spec:
serviceAccount: "{{ k8s_pod_service_account }}"
containers:
- image: "{{ k8s_pod_image }}"
imagePullPolicy: Always
@@ -14,16 +15,24 @@ k8s_pod_spec:
exec:
command:
- /bin/true
resources:
limits:
cpu: "100m"
memory: "100Mi"
resources: "{{ k8s_pod_resources }}"
ports: "{{ k8s_pod_ports }}"
env: "{{ k8s_pod_env }}"
k8s_pod_service_account: default
k8s_pod_resources:
limits:
cpu: "100m"
memory: "100Mi"
k8s_pod_command: []
k8s_pod_ports: []
k8s_pod_env: []
k8s_pod_template:
metadata: "{{ k8s_pod_metadata }}"
spec: "{{ k8s_pod_spec }}"

1
plugins/action/helm.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/helm_info.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/helm_plugin.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/helm_plugin_info.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/helm_repository.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/k8s.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/k8s_auth.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/k8s_exec.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

82
plugins/action/k8s_info.py Normal file
View File

@@ -0,0 +1,82 @@
# Copyright (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
# Copyright (c) 2017, Toshio Kuratomi <tkuraotmi@ansible.com>
# Copyright (c) 2020, Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import copy
import traceback
from ansible.module_utils._text import to_text
from ansible.plugins.action import ActionBase
from ansible.errors import AnsibleError
class ActionModule(ActionBase):
TRANSFERS_FILES = True
def _ensure_invocation(self, result):
# NOTE: adding invocation arguments here needs to be kept in sync with
# any no_log specified in the argument_spec in the module.
if 'invocation' not in result:
if self._play_context.no_log:
result['invocation'] = "CENSORED: no_log is set"
else:
result['invocation'] = self._task.args.copy()
result['invocation']['module_args'] = self._task.args.copy()
return result
def run(self, tmp=None, task_vars=None):
''' handler for k8s options '''
if task_vars is None:
task_vars = dict()
result = super(ActionModule, self).run(tmp, task_vars)
del tmp # tmp no longer has any effect
new_module_args = copy.deepcopy(self._task.args)
kubeconfig = self._task.args.get('kubeconfig', None)
# find the file in the expected search path
if kubeconfig:
try:
# find in expected paths
kubeconfig = self._find_needle('files', kubeconfig)
except AnsibleError as e:
result['failed'] = True
result['msg'] = to_text(e)
result['exception'] = traceback.format_exc()
return result
if kubeconfig:
# decrypt kubeconfig found
actual_file = self._loader.get_real_file(kubeconfig, decrypt=True)
new_module_args['kubeconfig'] = actual_file
# find the file in the expected search path
src = self._task.args.get('src', None)
if src:
try:
# find in expected paths
src = self._find_needle('files', src)
except AnsibleError as e:
result['failed'] = True
result['msg'] = to_text(e)
result['exception'] = traceback.format_exc()
return result
if src:
new_module_args['src'] = src
# Execute the k8s_* module.
module_return = self._execute_module(module_name=self._task.action, module_args=new_module_args, task_vars=task_vars)
# Delete tmp path
self._remove_tmp_path(self._connection._shell.tmpdir)
result.update(module_return)
return self._ensure_invocation(result)

1
plugins/action/k8s_log.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/k8s_scale.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

1
plugins/action/k8s_service.py Symbolic link
View File

@@ -0,0 +1 @@
k8s_info.py

28
plugins/connection/kubectl.py
View File

@@ -20,7 +20,7 @@
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = """
DOCUMENTATION = r"""
author:
- xuxinkun
@@ -38,7 +38,8 @@ DOCUMENTATION = """
options:
kubectl_pod:
description:
- Pod name. Required when the host name does not match pod name.
- Pod name.
- Required when the host name does not match pod name.
default: ''
vars:
- name: ansible_kubectl_pod
@@ -46,7 +47,8 @@ DOCUMENTATION = """
- name: K8S_AUTH_POD
kubectl_container:
description:
- Container name. Required when a pod contains more than one container.
- Container name.
- Required when a pod contains more than one container.
default: ''
vars:
- name: ansible_kubectl_container
@@ -173,7 +175,6 @@ import os
import os.path
import subprocess
import ansible.constants as C
from ansible.parsing.yaml.loader import AnsibleLoader
from ansible.errors import AnsibleError, AnsibleFileNotFound
from ansible.module_utils.six.moves import shlex_quote
@@ -228,6 +229,7 @@ class Connection(ConnectionBase):
""" Build the local kubectl exec command to run cmd on remote_host
"""
local_cmd = [self.transport_cmd]
censored_local_cmd = [self.transport_cmd]
# Build command options based on doc string
doc_yaml = AnsibleLoader(self.documentation).get_single_data()
@@ -236,28 +238,36 @@ class Connection(ConnectionBase):
# Translate verify_ssl to skip_verify_ssl, and output as string
skip_verify_ssl = not self.get_option(key)
local_cmd.append(u'{0}={1}'.format(self.connection_options[key], str(skip_verify_ssl).lower()))
censored_local_cmd.append(u'{0}={1}'.format(self.connection_options[key], str(skip_verify_ssl).lower()))
elif not key.endswith('container') and self.get_option(key) and self.connection_options.get(key):
cmd_arg = self.connection_options[key]
local_cmd += [cmd_arg, self.get_option(key)]
# Redact password and token from console log
if key.endswith(('_token', '_password')):
censored_local_cmd += [cmd_arg, '********']
extra_args_name = u'{0}_extra_args'.format(self.transport)
if self.get_option(extra_args_name):
local_cmd += self.get_option(extra_args_name).split(' ')
censored_local_cmd += self.get_option(extra_args_name).split(' ')
pod = self.get_option(u'{0}_pod'.format(self.transport))
if not pod:
pod = self._play_context.remote_addr
# -i is needed to keep stdin open which allows pipelining to work
local_cmd += ['exec', '-i', pod]
censored_local_cmd += ['exec', '-i', pod]
# if the pod has more than one container, then container is required
container_arg_name = u'{0}_container'.format(self.transport)
if self.get_option(container_arg_name):
local_cmd += ['-c', self.get_option(container_arg_name)]
censored_local_cmd += ['-c', self.get_option(container_arg_name)]
local_cmd += ['--'] + cmd
censored_local_cmd += ['--'] + cmd
return local_cmd
return local_cmd, censored_local_cmd
def _connect(self, port=None):
""" Connect to the container. Nothing to do """
@@ -270,9 +280,9 @@ class Connection(ConnectionBase):
""" Run a command in the container """
super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
local_cmd = self._build_exec_cmd([self._play_context.executable, '-c', cmd])
local_cmd, censored_local_cmd = self._build_exec_cmd([self._play_context.executable, '-c', cmd])
display.vvv("EXEC %s" % (local_cmd,), host=self._play_context.remote_addr)
display.vvv("EXEC %s" % (censored_local_cmd,), host=self._play_context.remote_addr)
local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
p = subprocess.Popen(local_cmd, shell=False, stdin=subprocess.PIPE,
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
@@ -312,7 +322,7 @@ class Connection(ConnectionBase):
count = ' count=0'
else:
count = ''
args = self._build_exec_cmd([self._play_context.executable, "-c", "dd of=%s bs=%s%s" % (out_path, BUFSIZE, count)])
args, dummy = self._build_exec_cmd([self._play_context.executable, "-c", "dd of=%s bs=%s%s" % (out_path, BUFSIZE, count)])
args = [to_bytes(i, errors='surrogate_or_strict') for i in args]
try:
p = subprocess.Popen(args, stdin=in_file,
@@ -334,7 +344,7 @@ class Connection(ConnectionBase):
# kubectl doesn't have native support for fetching files from
# running containers, so we use kubectl exec to implement this
args = self._build_exec_cmd([self._play_context.executable, "-c", "dd if=%s bs=%s" % (in_path, BUFSIZE)])
args, dummy = self._build_exec_cmd([self._play_context.executable, "-c", "dd if=%s bs=%s" % (in_path, BUFSIZE)])
args = [to_bytes(i, errors='surrogate_or_strict') for i in args]
actual_out_path = os.path.join(out_dir, os.path.basename(in_path))
with open(to_bytes(actual_out_path, errors='surrogate_or_strict'), 'wb') as out_file:

34
plugins/doc_fragments/helm_common_options.py Normal file
View File

@@ -0,0 +1,34 @@
# -*- coding: utf-8 -*-
# Copyright: (c) 2020, Ansible Project
# Copyright: (c) 2020, Red Hat Inc.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# Options for common Helm modules
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
class ModuleDocFragment(object):
DOCUMENTATION = r'''
options:
binary_path:
description:
- The path of a helm binary to use.
required: false
type: path
context:
description:
- Helm option to specify which kubeconfig context to use.
- If the value is not specified in the task, the value of environment variable C(K8S_AUTH_CONTEXT) will be used instead.
type: str
aliases: [ kube_context ]
kubeconfig:
description:
- Helm option to specify kubeconfig path to use.
- If the value is not specified in the task, the value of environment variable C(K8S_AUTH_KUBECONFIG) will be used instead.
type: path
aliases: [ kubeconfig_path ]
'''

32
plugins/doc_fragments/k8s_name_options.py
View File

@@ -15,9 +15,10 @@ class ModuleDocFragment(object):
options:
api_version:
description:
- Use to specify the API version. Use to create, delete, or discover an object without providing a full
resource definition. Use in conjunction with I(kind), I(name), and I(namespace) to identify a
specific object. If I(resource definition) is provided, the I(apiVersion) from the I(resource_definition)
- Use to specify the API version.
- Use to create, delete, or discover an object without providing a full resource definition.
- Use in conjunction with I(kind), I(name), and I(namespace) to identify a specific object.
- If I(resource definition) is provided, the I(apiVersion) value from the I(resource_definition)
will override this option.
type: str
default: v1
@@ -26,23 +27,26 @@ options:
- version
kind:
description:
- Use to specify an object model. Use to create, delete, or discover an object without providing a full
resource definition. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a
specific object. If I(resource definition) is provided, the I(kind) from the I(resource_definition)
- Use to specify an object model.
- Use to create, delete, or discover an object without providing a full resource definition.
- Use in conjunction with I(api_version), I(name), and I(namespace) to identify a specific object.
- If I(resource definition) is provided, the I(kind) value from the I(resource_definition)
will override this option.
type: str
name:
description:
- Use to specify an object name. Use to create, delete, or discover an object without providing a full
resource definition. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a
specific object. If I(resource definition) is provided, the I(metadata.name) value from the
I(resource_definition) will override this option.
- Use to specify an object name.
- Use to create, delete, or discover an object without providing a full resource definition.
- Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a specific object.
- If I(resource definition) is provided, the I(metadata.name) value from the I(resource_definition)
will override this option.
type: str
namespace:
description:
- Use to specify an object namespace. Useful when creating, deleting, or discovering an object without
providing a full resource definition. Use in conjunction with I(api_version), I(kind), and I(name)
to identify a specfic object. If I(resource definition) is provided, the I(metadata.namespace) value
from the I(resource_definition) will override this option.
- Use to specify an object namespace.
- Useful when creating, deleting, or discovering an object without providing a full resource definition.
- Use in conjunction with I(api_version), I(kind), and I(name) to identify a specific object.
- If I(resource definition) is provided, the I(metadata.namespace) value from the I(resource_definition)
will override this option.
type: str
'''

4
plugins/doc_fragments/k8s_resource_options.py
View File

@@ -15,8 +15,8 @@ class ModuleDocFragment(object):
options:
resource_definition:
description:
- "Provide a valid YAML definition (either as a string, list, or dict) for an object when creating or updating. NOTE: I(kind), I(api_version), I(name),
and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition)."
- Provide a valid YAML definition (either as a string, list, or dict) for an object when creating or updating.
- "NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition)."
aliases:
- definition
- inline

7
plugins/filter/k8s.py
View File

@@ -6,13 +6,6 @@ from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
try:
from openshift.helper.hashes import generate_hash
HAS_GENERATE_HASH = True

122
plugins/inventory/k8s.py
View File

@@ -28,60 +28,61 @@ DOCUMENTATION = '''
- Optional list of cluster connection settings. If no connections are provided, the default
I(~/.kube/config) and active context will be used, and objects will be returned for all namespaces
the active user is authorized to access.
name:
description:
- Optional name to assign to the cluster. If not provided, a name is constructed from the server
and port.
kubeconfig:
description:
- Path to an existing Kubernetes config file. If not provided, and no other connection
options are provided, the OpenShift client will attempt to load the default
configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG
environment variable.
context:
description:
- The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment
variable.
host:
description:
- Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
api_key:
description:
- Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment
variable.
username:
description:
- Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME
environment variable.
password:
description:
- Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD
environment variable.
client_cert:
description:
- Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE
environment variable.
aliases: [ cert_file ]
client_key:
description:
- Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE
environment variable.
aliases: [ key_file ]
ca_cert:
description:
- Path to a CA certificate used to authenticate with the API. Can also be specified via
K8S_AUTH_SSL_CA_CERT environment variable.
aliases: [ ssl_ca_cert ]
validate_certs:
description:
- "Whether or not to verify the API server's SSL certificates. Can also be specified via
K8S_AUTH_VERIFY_SSL environment variable."
type: bool
aliases: [ verify_ssl ]
namespaces:
description:
- List of namespaces. If not specified, will fetch all containers for all namespaces user is authorized
to access.
suboptions:
name:
description:
- Optional name to assign to the cluster. If not provided, a name is constructed from the server
and port.
kubeconfig:
description:
- Path to an existing Kubernetes config file. If not provided, and no other connection
options are provided, the OpenShift client will attempt to load the default
configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG
environment variable.
context:
description:
- The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment
variable.
host:
description:
- Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
api_key:
description:
- Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment
variable.
username:
description:
- Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME
environment variable.
password:
description:
- Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD
environment variable.
client_cert:
description:
- Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE
environment variable.
aliases: [ cert_file ]
client_key:
description:
- Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE
environment variable.
aliases: [ key_file ]
ca_cert:
description:
- Path to a CA certificate used to authenticate with the API. Can also be specified via
K8S_AUTH_SSL_CA_CERT environment variable.
aliases: [ ssl_ca_cert ]
validate_certs:
description:
- "Whether or not to verify the API server's SSL certificates. Can also be specified via
K8S_AUTH_VERIFY_SSL environment variable."
type: bool
aliases: [ verify_ssl ]
namespaces:
description:
- List of namespaces. If not specified, will fetch all containers for all namespaces user is authorized
to access.
requirements:
- "python >= 2.7"
@@ -93,20 +94,20 @@ EXAMPLES = '''
# File must be named k8s.yaml or k8s.yml
# Authenticate with token, and return all pods and services for all namespaces
plugin: k8s
plugin: community.kubernetes.k8s
connections:
- host: https://192.168.64.4:8443
token: xxxxxxxxxxxxxxxx
api_key: xxxxxxxxxxxxxxxx
validate_certs: false
# Use default config (~/.kube/config) file and active context, and return objects for a specific namespace
plugin: k8s
plugin: community.kubernetes.k8s
connections:
- namespaces:
- testing
# Use a custom config file, and a specific context.
plugin: k8s
plugin: community.kubernetes.k8s
connections:
- kubeconfig: /path/to/config
context: 'awx/192-168-64-4:8443/developer'
@@ -142,6 +143,7 @@ class K8sInventoryException(Exception):
class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable, K8sAnsibleMixin):
NAME = 'community.kubernetes.k8s'
connection_plugin = 'kubectl'
transport = 'kubectl'
def parse(self, inventory, loader, path, cache=True):
@@ -275,7 +277,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable, K8sAnsibleM
self.inventory.set_variable(container_name, 'container_state', 'Waiting')
self.inventory.set_variable(container_name, 'container_ready', container.ready)
self.inventory.set_variable(container_name, 'ansible_remote_tmp', '/tmp/')
self.inventory.set_variable(container_name, 'ansible_connection', self.transport)
self.inventory.set_variable(container_name, 'ansible_connection', self.connection_plugin)
self.inventory.set_variable(container_name, 'ansible_{0}_pod'.format(self.transport),
pod_name)
self.inventory.set_variable(container_name, 'ansible_{0}_container'.format(self.transport),
@@ -316,7 +318,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable, K8sAnsibleM
try:
self.inventory.add_child(namespace_services_group, service_name)
except AnsibleError as e:
except AnsibleError:
raise
ports = [{'name': port.name,

Some files were not shown because too many files have changed in this diff Show More