From 4b6fdb1615f20d58e44c3e562f43cbd72dd30e0c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 30 Jan 2020 10:50:44 -0600 Subject: [PATCH] Issue #1: Restructure role into collection using content_collector. --- .tito/packages/.readme | 3 - .tito/packages/ansible-kubernetes-modules | 1 - .tito/releasers.conf | 30 - .tito/tito.props | 5 - .travis.yml | 34 - LICENSE | 811 ++++++++++++---- README.md | 4 +- ansible-kubernetes-modules.spec | 71 -- defaults/main.yml | 3 - galaxy.yml | 20 + library/k8s_apps_v1beta1_deployment.py | 580 ------------ library/k8s_apps_v1beta1_deployment_list.py | 165 ---- library/k8s_apps_v1beta1_scale.py | 148 --- library/k8s_extensions_v1beta1_deployment.py | 582 ------------ .../k8s_extensions_v1beta1_deployment_list.py | 165 ---- library/k8s_extensions_v1beta1_scale.py | 148 --- library/k8s_v1_binding.py | 175 ---- library/k8s_v1_cluster_role.py | 202 ---- library/k8s_v1_cluster_role_binding.py | 207 ----- library/k8s_v1_cluster_role_binding_list.py | 189 ---- library/k8s_v1_cluster_role_list.py | 197 ---- library/k8s_v1_component_status.py | 162 ---- library/k8s_v1_component_status_list.py | 157 ---- library/k8s_v1_config_map.py | 169 ---- library/k8s_v1_config_map_list.py | 163 ---- library/k8s_v1_endpoints.py | 250 ----- library/k8s_v1_endpoints_list.py | 241 ----- library/k8s_v1_event.py | 261 ------ library/k8s_v1_event_list.py | 195 ---- library/k8s_v1_horizontal_pod_autoscaler.py | 211 ----- .../k8s_v1_horizontal_pod_autoscaler_list.py | 165 ---- library/k8s_v1_job.py | 547 ----------- library/k8s_v1_job_list.py | 165 ---- library/k8s_v1_limit_range.py | 168 ---- library/k8s_v1_limit_range_list.py | 161 ---- library/k8s_v1_local_subject_access_review.py | 218 ----- library/k8s_v1_namespace.py | 224 ----- library/k8s_v1_namespace_list.py | 165 ---- library/k8s_v1_network_policy.py | 217 ----- library/k8s_v1_network_policy_list.py | 161 ---- library/k8s_v1_node.py | 250 ----- library/k8s_v1_node_list.py | 165 ---- library/k8s_v1_persistent_volume.py | 867 ------------------ library/k8s_v1_persistent_volume_claim.py | 222 ----- .../k8s_v1_persistent_volume_claim_list.py | 167 ---- library/k8s_v1_persistent_volume_list.py | 167 ---- library/k8s_v1_pod.py | 466 ---------- library/k8s_v1_pod_list.py | 166 ---- library/k8s_v1_pod_template.py | 484 ---------- library/k8s_v1_pod_template_list.py | 161 ---- library/k8s_v1_replication_controller.py | 517 ----------- library/k8s_v1_replication_controller_list.py | 170 ---- library/k8s_v1_resource_quota.py | 179 ---- library/k8s_v1_resource_quota_list.py | 165 ---- library/k8s_v1_role.py | 202 ---- library/k8s_v1_role_binding.py | 208 ----- library/k8s_v1_role_binding_list.py | 190 ---- library/k8s_v1_role_list.py | 197 ---- library/k8s_v1_scale.py | 148 --- library/k8s_v1_secret.py | 195 ---- library/k8s_v1_secret_list.py | 177 ---- library/k8s_v1_self_subject_access_review.py | 194 ---- library/k8s_v1_self_subject_rules_review.py | 145 --- library/k8s_v1_service.py | 360 -------- library/k8s_v1_service_account.py | 235 ----- library/k8s_v1_service_account_list.py | 217 ----- library/k8s_v1_service_list.py | 166 ---- library/k8s_v1_status.py | 184 ---- library/k8s_v1_storage_class.py | 206 ----- library/k8s_v1_storage_class_list.py | 183 ---- library/k8s_v1_subject_access_review.py | 217 ----- library/k8s_v1_token_review.py | 147 --- library/k8s_v1alpha1_cluster_role.py | 204 ----- library/k8s_v1alpha1_cluster_role_binding.py | 207 ----- .../k8s_v1alpha1_cluster_role_binding_list.py | 189 ---- library/k8s_v1alpha1_cluster_role_list.py | 199 ---- ...1_external_admission_hook_configuration.py | 223 ----- ...ernal_admission_hook_configuration_list.py | 218 ----- .../k8s_v1alpha1_initializer_configuration.py | 212 ----- ...v1alpha1_initializer_configuration_list.py | 207 ----- library/k8s_v1alpha1_pod_preset.py | 200 ---- library/k8s_v1alpha1_pod_preset_list.py | 159 ---- library/k8s_v1alpha1_priority_class.py | 187 ---- library/k8s_v1alpha1_priority_class_list.py | 172 ---- library/k8s_v1alpha1_role.py | 204 ----- library/k8s_v1alpha1_role_binding.py | 208 ----- library/k8s_v1alpha1_role_binding_list.py | 190 ---- library/k8s_v1alpha1_role_list.py | 199 ---- library/k8s_v1beta1_api_service.py | 223 ----- library/k8s_v1beta1_api_service_list.py | 162 ---- ...k8s_v1beta1_certificate_signing_request.py | 197 ---- ...1beta1_certificate_signing_request_list.py | 162 ---- library/k8s_v1beta1_cluster_role.py | 202 ---- library/k8s_v1beta1_cluster_role_binding.py | 207 ----- .../k8s_v1beta1_cluster_role_binding_list.py | 189 ---- library/k8s_v1beta1_cluster_role_list.py | 197 ---- library/k8s_v1beta1_controller_revision.py | 175 ---- .../k8s_v1beta1_controller_revision_list.py | 165 ---- library/k8s_v1beta1_cron_job.py | 616 ------------- library/k8s_v1beta1_cron_job_list.py | 165 ---- .../k8s_v1beta1_custom_resource_definition.py | 283 ------ ...v1beta1_custom_resource_definition_list.py | 163 ---- library/k8s_v1beta1_daemon_set.py | 549 ----------- library/k8s_v1beta1_daemon_set_list.py | 166 ---- library/k8s_v1beta1_eviction.py | 182 ---- library/k8s_v1beta1_ingress.py | 193 ---- library/k8s_v1beta1_ingress_list.py | 165 ---- ...k8s_v1beta1_local_subject_access_review.py | 218 ----- library/k8s_v1beta1_network_policy.py | 216 ----- library/k8s_v1beta1_network_policy_list.py | 161 ---- library/k8s_v1beta1_pod_disruption_budget.py | 199 ---- .../k8s_v1beta1_pod_disruption_budget_list.py | 162 ---- library/k8s_v1beta1_pod_security_policy.py | 317 ------- .../k8s_v1beta1_pod_security_policy_list.py | 161 ---- library/k8s_v1beta1_replica_set.py | 532 ----------- library/k8s_v1beta1_replica_set_list.py | 167 ---- library/k8s_v1beta1_role.py | 202 ---- library/k8s_v1beta1_role_binding.py | 219 ----- library/k8s_v1beta1_role_binding_list.py | 190 ---- library/k8s_v1beta1_role_list.py | 197 ---- .../k8s_v1beta1_self_subject_access_review.py | 194 ---- .../k8s_v1beta1_self_subject_rules_review.py | 145 --- library/k8s_v1beta1_stateful_set.py | 579 ------------ library/k8s_v1beta1_stateful_set_list.py | 163 ---- library/k8s_v1beta1_storage_class.py | 206 ----- library/k8s_v1beta1_storage_class_list.py | 183 ---- library/k8s_v1beta1_subject_access_review.py | 217 ----- library/k8s_v1beta1_token_review.py | 147 --- library/k8s_v1beta2_controller_revision.py | 175 ---- .../k8s_v1beta2_controller_revision_list.py | 165 ---- library/k8s_v1beta2_daemon_set.py | 542 ----------- library/k8s_v1beta2_daemon_set_list.py | 166 ---- library/k8s_v1beta2_deployment.py | 574 ------------ library/k8s_v1beta2_deployment_list.py | 165 ---- library/k8s_v1beta2_replica_set.py | 521 ----------- library/k8s_v1beta2_replica_set_list.py | 167 ---- library/k8s_v1beta2_scale.py | 148 --- library/k8s_v1beta2_stateful_set.py | 564 ------------ library/k8s_v1beta2_stateful_set_list.py | 163 ---- library/k8s_v2alpha1_cron_job.py | 616 ------------- library/k8s_v2alpha1_cron_job_list.py | 165 ---- .../k8s_v2beta1_horizontal_pod_autoscaler.py | 207 ----- ..._v2beta1_horizontal_pod_autoscaler_list.py | 165 ---- ...shift_v1_applied_cluster_resource_quota.py | 177 ---- ..._v1_applied_cluster_resource_quota_list.py | 141 --- .../openshift_v1_broker_template_instance.py | 251 ----- ...nshift_v1_broker_template_instance_list.py | 161 ---- library/openshift_v1_build.py | 673 -------------- library/openshift_v1_build_config.py | 696 -------------- library/openshift_v1_build_config_list.py | 166 ---- library/openshift_v1_build_list.py | 165 ---- library/openshift_v1_build_request.py | 363 -------- library/openshift_v1_cluster_network.py | 214 ----- library/openshift_v1_cluster_network_list.py | 193 ---- .../openshift_v1_cluster_resource_quota.py | 201 ---- ...penshift_v1_cluster_resource_quota_list.py | 165 ---- library/openshift_v1_cluster_role.py | 222 ----- library/openshift_v1_cluster_role_binding.py | 281 ------ .../openshift_v1_cluster_role_binding_list.py | 224 ----- library/openshift_v1_cluster_role_list.py | 210 ----- library/openshift_v1_controller_revision.py | 175 ---- .../openshift_v1_controller_revision_list.py | 165 ---- library/openshift_v1_daemon_set.py | 542 ----------- library/openshift_v1_daemon_set_list.py | 166 ---- library/openshift_v1_deployment.py | 606 ------------ library/openshift_v1_deployment_config.py | 687 -------------- .../openshift_v1_deployment_config_list.py | 165 ---- ...openshift_v1_deployment_config_rollback.py | 200 ---- library/openshift_v1_deployment_list.py | 165 ---- library/openshift_v1_egress_network_policy.py | 168 ---- ...openshift_v1_egress_network_policy_list.py | 161 ---- library/openshift_v1_group.py | 167 ---- library/openshift_v1_group_list.py | 162 ---- library/openshift_v1_host_subnet.py | 193 ---- library/openshift_v1_host_subnet_list.py | 178 ---- library/openshift_v1_identity.py | 223 ----- library/openshift_v1_identity_list.py | 176 ---- library/openshift_v1_image.py | 332 ------- library/openshift_v1_image_list.py | 294 ------ library/openshift_v1_image_signature.py | 268 ------ library/openshift_v1_image_stream.py | 190 ---- library/openshift_v1_image_stream_image.py | 228 ----- library/openshift_v1_image_stream_import.py | 231 ----- library/openshift_v1_image_stream_list.py | 165 ---- library/openshift_v1_image_stream_mapping.py | 235 ----- library/openshift_v1_image_stream_tag.py | 410 --------- library/openshift_v1_image_stream_tag_list.py | 212 ----- library/openshift_v1_net_namespace.py | 191 ---- library/openshift_v1_net_namespace_list.py | 175 ---- library/openshift_v1_o_auth_access_token.py | 229 ----- .../openshift_v1_o_auth_access_token_list.py | 196 ---- .../openshift_v1_o_auth_authorize_token.py | 216 ----- ...penshift_v1_o_auth_authorize_token_list.py | 197 ---- library/openshift_v1_o_auth_client.py | 268 ------ ...penshift_v1_o_auth_client_authorization.py | 190 ---- ...ift_v1_o_auth_client_authorization_list.py | 175 ---- library/openshift_v1_o_auth_client_list.py | 221 ----- ...openshift_v1_pod_security_policy_review.py | 446 --------- ...pod_security_policy_self_subject_review.py | 437 --------- ...t_v1_pod_security_policy_subject_review.py | 451 --------- library/openshift_v1_project.py | 188 ---- library/openshift_v1_project_list.py | 165 ---- library/openshift_v1_replica_set.py | 521 ----------- library/openshift_v1_replica_set_list.py | 167 ---- library/openshift_v1_role.py | 208 ----- library/openshift_v1_role_binding.py | 281 ------ library/openshift_v1_role_binding_list.py | 224 ----- .../openshift_v1_role_binding_restriction.py | 206 ----- ...nshift_v1_role_binding_restriction_list.py | 161 ---- library/openshift_v1_role_list.py | 204 ----- library/openshift_v1_route.py | 304 ------ library/openshift_v1_route_list.py | 165 ---- ...enshift_v1_security_context_constraints.py | 434 --------- ...ft_v1_security_context_constraints_list.py | 280 ------ .../openshift_v1_self_subject_rules_review.py | 122 --- library/openshift_v1_stateful_set.py | 564 ------------ library/openshift_v1_stateful_set_list.py | 163 ---- library/openshift_v1_subject_rules_review.py | 134 --- library/openshift_v1_template.py | 250 ----- library/openshift_v1_template_instance.py | 263 ------ .../openshift_v1_template_instance_list.py | 165 ---- library/openshift_v1_template_list.py | 230 ----- library/openshift_v1_user.py | 187 ---- library/openshift_v1_user_identity_mapping.py | 230 ----- library/openshift_v1_user_list.py | 173 ---- library/openshift_v1beta1_event.py | 341 ------- library/openshift_v1beta1_event_list.py | 223 ----- ..._v1beta1_mutating_webhook_configuration.py | 238 ----- ...ta1_mutating_webhook_configuration_list.py | 234 ----- ...1beta1_validating_webhook_configuration.py | 238 ----- ...1_validating_webhook_configuration_list.py | 234 ----- meta/main.yml | 52 -- module_utils/README.md | 3 - module_utils/k8s_common.py | 313 ------- module_utils/openshift_common.py | 69 -- plugins/modules/__init__.py | 0 plugins/modules/_kubernetes.py | 18 + plugins/modules/k8s.py | 279 ++++++ plugins/modules/k8s_auth.py | 336 +++++++ plugins/modules/k8s_info.py | 179 ++++ plugins/modules/k8s_scale.py | 129 +++ plugins/modules/k8s_service.py | 267 ++++++ requirements.txt | 1 - tasks/main.yml | 10 - test/integration/targets/k8s/k8s/README.md | 23 + test/integration/targets/k8s/k8s/aliases | 2 + .../targets/k8s/k8s/defaults/main.yml | 32 + .../targets/k8s/k8s/files/crd-resource.yml | 20 + .../k8s/k8s/files/kuard-extra-property.yml | 21 + .../k8s/k8s/files/kuard-invalid-type.yml | 20 + .../targets/k8s/k8s/files/setup-crd.yml | 14 + .../integration/targets/k8s/k8s/meta/main.yml | 2 + .../targets/k8s/k8s/tasks/append_hash.yml | 68 ++ .../targets/k8s/k8s/tasks/apply.yml | 191 ++++ .../integration/targets/k8s/k8s/tasks/crd.yml | 71 ++ .../targets/k8s/k8s/tasks/delete.yml | 101 ++ .../targets/k8s/k8s/tasks/full_test.yml | 375 ++++++++ .../targets/k8s/k8s/tasks/lists.yml | 140 +++ .../targets/k8s/k8s/tasks/main.yml | 92 ++ .../k8s/k8s/tasks/older_openshift_fail.yml | 69 ++ .../targets/k8s/k8s/tasks/openshift.yml | 61 ++ .../k8s/k8s/tasks/validate_installed.yml | 125 +++ .../k8s/k8s/tasks/validate_not_installed.yml | 23 + .../targets/k8s/k8s/tasks/waiter.yml | 355 +++++++ tests/ansible.cfg | 4 - tests/inventory | 1 - .../hello-templates/files/deployment.yml | 43 - tests/roles/hello-templates/tasks/main.yml | 60 -- tests/roles/hello-world/tasks/main.yml | 96 -- tests/test.yml | 12 - 270 files changed, 3676 insertions(+), 54531 deletions(-) delete mode 100644 .tito/packages/.readme delete mode 100644 .tito/packages/ansible-kubernetes-modules delete mode 100644 .tito/releasers.conf delete mode 100644 .tito/tito.props delete mode 100644 .travis.yml delete mode 100644 ansible-kubernetes-modules.spec delete mode 100644 defaults/main.yml create mode 100644 galaxy.yml delete mode 100644 library/k8s_apps_v1beta1_deployment.py delete mode 100644 library/k8s_apps_v1beta1_deployment_list.py delete mode 100644 library/k8s_apps_v1beta1_scale.py delete mode 100644 library/k8s_extensions_v1beta1_deployment.py delete mode 100644 library/k8s_extensions_v1beta1_deployment_list.py delete mode 100644 library/k8s_extensions_v1beta1_scale.py delete mode 100644 library/k8s_v1_binding.py delete mode 100644 library/k8s_v1_cluster_role.py delete mode 100644 library/k8s_v1_cluster_role_binding.py delete mode 100644 library/k8s_v1_cluster_role_binding_list.py delete mode 100644 library/k8s_v1_cluster_role_list.py delete mode 100644 library/k8s_v1_component_status.py delete mode 100644 library/k8s_v1_component_status_list.py delete mode 100644 library/k8s_v1_config_map.py delete mode 100644 library/k8s_v1_config_map_list.py delete mode 100644 library/k8s_v1_endpoints.py delete mode 100644 library/k8s_v1_endpoints_list.py delete mode 100644 library/k8s_v1_event.py delete mode 100644 library/k8s_v1_event_list.py delete mode 100644 library/k8s_v1_horizontal_pod_autoscaler.py delete mode 100644 library/k8s_v1_horizontal_pod_autoscaler_list.py delete mode 100644 library/k8s_v1_job.py delete mode 100644 library/k8s_v1_job_list.py delete mode 100644 library/k8s_v1_limit_range.py delete mode 100644 library/k8s_v1_limit_range_list.py delete mode 100644 library/k8s_v1_local_subject_access_review.py delete mode 100644 library/k8s_v1_namespace.py delete mode 100644 library/k8s_v1_namespace_list.py delete mode 100644 library/k8s_v1_network_policy.py delete mode 100644 library/k8s_v1_network_policy_list.py delete mode 100644 library/k8s_v1_node.py delete mode 100644 library/k8s_v1_node_list.py delete mode 100644 library/k8s_v1_persistent_volume.py delete mode 100644 library/k8s_v1_persistent_volume_claim.py delete mode 100644 library/k8s_v1_persistent_volume_claim_list.py delete mode 100644 library/k8s_v1_persistent_volume_list.py delete mode 100644 library/k8s_v1_pod.py delete mode 100644 library/k8s_v1_pod_list.py delete mode 100644 library/k8s_v1_pod_template.py delete mode 100644 library/k8s_v1_pod_template_list.py delete mode 100644 library/k8s_v1_replication_controller.py delete mode 100644 library/k8s_v1_replication_controller_list.py delete mode 100644 library/k8s_v1_resource_quota.py delete mode 100644 library/k8s_v1_resource_quota_list.py delete mode 100644 library/k8s_v1_role.py delete mode 100644 library/k8s_v1_role_binding.py delete mode 100644 library/k8s_v1_role_binding_list.py delete mode 100644 library/k8s_v1_role_list.py delete mode 100644 library/k8s_v1_scale.py delete mode 100644 library/k8s_v1_secret.py delete mode 100644 library/k8s_v1_secret_list.py delete mode 100644 library/k8s_v1_self_subject_access_review.py delete mode 100644 library/k8s_v1_self_subject_rules_review.py delete mode 100644 library/k8s_v1_service.py delete mode 100644 library/k8s_v1_service_account.py delete mode 100644 library/k8s_v1_service_account_list.py delete mode 100644 library/k8s_v1_service_list.py delete mode 100644 library/k8s_v1_status.py delete mode 100644 library/k8s_v1_storage_class.py delete mode 100644 library/k8s_v1_storage_class_list.py delete mode 100644 library/k8s_v1_subject_access_review.py delete mode 100644 library/k8s_v1_token_review.py delete mode 100644 library/k8s_v1alpha1_cluster_role.py delete mode 100644 library/k8s_v1alpha1_cluster_role_binding.py delete mode 100644 library/k8s_v1alpha1_cluster_role_binding_list.py delete mode 100644 library/k8s_v1alpha1_cluster_role_list.py delete mode 100644 library/k8s_v1alpha1_external_admission_hook_configuration.py delete mode 100644 library/k8s_v1alpha1_external_admission_hook_configuration_list.py delete mode 100644 library/k8s_v1alpha1_initializer_configuration.py delete mode 100644 library/k8s_v1alpha1_initializer_configuration_list.py delete mode 100644 library/k8s_v1alpha1_pod_preset.py delete mode 100644 library/k8s_v1alpha1_pod_preset_list.py delete mode 100644 library/k8s_v1alpha1_priority_class.py delete mode 100644 library/k8s_v1alpha1_priority_class_list.py delete mode 100644 library/k8s_v1alpha1_role.py delete mode 100644 library/k8s_v1alpha1_role_binding.py delete mode 100644 library/k8s_v1alpha1_role_binding_list.py delete mode 100644 library/k8s_v1alpha1_role_list.py delete mode 100644 library/k8s_v1beta1_api_service.py delete mode 100644 library/k8s_v1beta1_api_service_list.py delete mode 100644 library/k8s_v1beta1_certificate_signing_request.py delete mode 100644 library/k8s_v1beta1_certificate_signing_request_list.py delete mode 100644 library/k8s_v1beta1_cluster_role.py delete mode 100644 library/k8s_v1beta1_cluster_role_binding.py delete mode 100644 library/k8s_v1beta1_cluster_role_binding_list.py delete mode 100644 library/k8s_v1beta1_cluster_role_list.py delete mode 100644 library/k8s_v1beta1_controller_revision.py delete mode 100644 library/k8s_v1beta1_controller_revision_list.py delete mode 100644 library/k8s_v1beta1_cron_job.py delete mode 100644 library/k8s_v1beta1_cron_job_list.py delete mode 100644 library/k8s_v1beta1_custom_resource_definition.py delete mode 100644 library/k8s_v1beta1_custom_resource_definition_list.py delete mode 100644 library/k8s_v1beta1_daemon_set.py delete mode 100644 library/k8s_v1beta1_daemon_set_list.py delete mode 100644 library/k8s_v1beta1_eviction.py delete mode 100644 library/k8s_v1beta1_ingress.py delete mode 100644 library/k8s_v1beta1_ingress_list.py delete mode 100644 library/k8s_v1beta1_local_subject_access_review.py delete mode 100644 library/k8s_v1beta1_network_policy.py delete mode 100644 library/k8s_v1beta1_network_policy_list.py delete mode 100644 library/k8s_v1beta1_pod_disruption_budget.py delete mode 100644 library/k8s_v1beta1_pod_disruption_budget_list.py delete mode 100644 library/k8s_v1beta1_pod_security_policy.py delete mode 100644 library/k8s_v1beta1_pod_security_policy_list.py delete mode 100644 library/k8s_v1beta1_replica_set.py delete mode 100644 library/k8s_v1beta1_replica_set_list.py delete mode 100644 library/k8s_v1beta1_role.py delete mode 100644 library/k8s_v1beta1_role_binding.py delete mode 100644 library/k8s_v1beta1_role_binding_list.py delete mode 100644 library/k8s_v1beta1_role_list.py delete mode 100644 library/k8s_v1beta1_self_subject_access_review.py delete mode 100644 library/k8s_v1beta1_self_subject_rules_review.py delete mode 100644 library/k8s_v1beta1_stateful_set.py delete mode 100644 library/k8s_v1beta1_stateful_set_list.py delete mode 100644 library/k8s_v1beta1_storage_class.py delete mode 100644 library/k8s_v1beta1_storage_class_list.py delete mode 100644 library/k8s_v1beta1_subject_access_review.py delete mode 100644 library/k8s_v1beta1_token_review.py delete mode 100644 library/k8s_v1beta2_controller_revision.py delete mode 100644 library/k8s_v1beta2_controller_revision_list.py delete mode 100644 library/k8s_v1beta2_daemon_set.py delete mode 100644 library/k8s_v1beta2_daemon_set_list.py delete mode 100644 library/k8s_v1beta2_deployment.py delete mode 100644 library/k8s_v1beta2_deployment_list.py delete mode 100644 library/k8s_v1beta2_replica_set.py delete mode 100644 library/k8s_v1beta2_replica_set_list.py delete mode 100644 library/k8s_v1beta2_scale.py delete mode 100644 library/k8s_v1beta2_stateful_set.py delete mode 100644 library/k8s_v1beta2_stateful_set_list.py delete mode 100644 library/k8s_v2alpha1_cron_job.py delete mode 100644 library/k8s_v2alpha1_cron_job_list.py delete mode 100644 library/k8s_v2beta1_horizontal_pod_autoscaler.py delete mode 100644 library/k8s_v2beta1_horizontal_pod_autoscaler_list.py delete mode 100644 library/openshift_v1_applied_cluster_resource_quota.py delete mode 100644 library/openshift_v1_applied_cluster_resource_quota_list.py delete mode 100644 library/openshift_v1_broker_template_instance.py delete mode 100644 library/openshift_v1_broker_template_instance_list.py delete mode 100644 library/openshift_v1_build.py delete mode 100644 library/openshift_v1_build_config.py delete mode 100644 library/openshift_v1_build_config_list.py delete mode 100644 library/openshift_v1_build_list.py delete mode 100644 library/openshift_v1_build_request.py delete mode 100644 library/openshift_v1_cluster_network.py delete mode 100644 library/openshift_v1_cluster_network_list.py delete mode 100644 library/openshift_v1_cluster_resource_quota.py delete mode 100644 library/openshift_v1_cluster_resource_quota_list.py delete mode 100644 library/openshift_v1_cluster_role.py delete mode 100644 library/openshift_v1_cluster_role_binding.py delete mode 100644 library/openshift_v1_cluster_role_binding_list.py delete mode 100644 library/openshift_v1_cluster_role_list.py delete mode 100644 library/openshift_v1_controller_revision.py delete mode 100644 library/openshift_v1_controller_revision_list.py delete mode 100644 library/openshift_v1_daemon_set.py delete mode 100644 library/openshift_v1_daemon_set_list.py delete mode 100644 library/openshift_v1_deployment.py delete mode 100644 library/openshift_v1_deployment_config.py delete mode 100644 library/openshift_v1_deployment_config_list.py delete mode 100644 library/openshift_v1_deployment_config_rollback.py delete mode 100644 library/openshift_v1_deployment_list.py delete mode 100644 library/openshift_v1_egress_network_policy.py delete mode 100644 library/openshift_v1_egress_network_policy_list.py delete mode 100644 library/openshift_v1_group.py delete mode 100644 library/openshift_v1_group_list.py delete mode 100644 library/openshift_v1_host_subnet.py delete mode 100644 library/openshift_v1_host_subnet_list.py delete mode 100644 library/openshift_v1_identity.py delete mode 100644 library/openshift_v1_identity_list.py delete mode 100644 library/openshift_v1_image.py delete mode 100644 library/openshift_v1_image_list.py delete mode 100644 library/openshift_v1_image_signature.py delete mode 100644 library/openshift_v1_image_stream.py delete mode 100644 library/openshift_v1_image_stream_image.py delete mode 100644 library/openshift_v1_image_stream_import.py delete mode 100644 library/openshift_v1_image_stream_list.py delete mode 100644 library/openshift_v1_image_stream_mapping.py delete mode 100644 library/openshift_v1_image_stream_tag.py delete mode 100644 library/openshift_v1_image_stream_tag_list.py delete mode 100644 library/openshift_v1_net_namespace.py delete mode 100644 library/openshift_v1_net_namespace_list.py delete mode 100644 library/openshift_v1_o_auth_access_token.py delete mode 100644 library/openshift_v1_o_auth_access_token_list.py delete mode 100644 library/openshift_v1_o_auth_authorize_token.py delete mode 100644 library/openshift_v1_o_auth_authorize_token_list.py delete mode 100644 library/openshift_v1_o_auth_client.py delete mode 100644 library/openshift_v1_o_auth_client_authorization.py delete mode 100644 library/openshift_v1_o_auth_client_authorization_list.py delete mode 100644 library/openshift_v1_o_auth_client_list.py delete mode 100644 library/openshift_v1_pod_security_policy_review.py delete mode 100644 library/openshift_v1_pod_security_policy_self_subject_review.py delete mode 100644 library/openshift_v1_pod_security_policy_subject_review.py delete mode 100644 library/openshift_v1_project.py delete mode 100644 library/openshift_v1_project_list.py delete mode 100644 library/openshift_v1_replica_set.py delete mode 100644 library/openshift_v1_replica_set_list.py delete mode 100644 library/openshift_v1_role.py delete mode 100644 library/openshift_v1_role_binding.py delete mode 100644 library/openshift_v1_role_binding_list.py delete mode 100644 library/openshift_v1_role_binding_restriction.py delete mode 100644 library/openshift_v1_role_binding_restriction_list.py delete mode 100644 library/openshift_v1_role_list.py delete mode 100644 library/openshift_v1_route.py delete mode 100644 library/openshift_v1_route_list.py delete mode 100644 library/openshift_v1_security_context_constraints.py delete mode 100644 library/openshift_v1_security_context_constraints_list.py delete mode 100644 library/openshift_v1_self_subject_rules_review.py delete mode 100644 library/openshift_v1_stateful_set.py delete mode 100644 library/openshift_v1_stateful_set_list.py delete mode 100644 library/openshift_v1_subject_rules_review.py delete mode 100644 library/openshift_v1_template.py delete mode 100644 library/openshift_v1_template_instance.py delete mode 100644 library/openshift_v1_template_instance_list.py delete mode 100644 library/openshift_v1_template_list.py delete mode 100644 library/openshift_v1_user.py delete mode 100644 library/openshift_v1_user_identity_mapping.py delete mode 100644 library/openshift_v1_user_list.py delete mode 100644 library/openshift_v1beta1_event.py delete mode 100644 library/openshift_v1beta1_event_list.py delete mode 100644 library/openshift_v1beta1_mutating_webhook_configuration.py delete mode 100644 library/openshift_v1beta1_mutating_webhook_configuration_list.py delete mode 100644 library/openshift_v1beta1_validating_webhook_configuration.py delete mode 100644 library/openshift_v1beta1_validating_webhook_configuration_list.py delete mode 100644 meta/main.yml delete mode 100644 module_utils/README.md delete mode 100644 module_utils/k8s_common.py delete mode 100644 module_utils/openshift_common.py create mode 100644 plugins/modules/__init__.py create mode 100644 plugins/modules/_kubernetes.py create mode 100644 plugins/modules/k8s.py create mode 100644 plugins/modules/k8s_auth.py create mode 100644 plugins/modules/k8s_info.py create mode 100644 plugins/modules/k8s_scale.py create mode 100644 plugins/modules/k8s_service.py delete mode 100644 requirements.txt delete mode 100644 tasks/main.yml create mode 100644 test/integration/targets/k8s/k8s/README.md create mode 100644 test/integration/targets/k8s/k8s/aliases create mode 100644 test/integration/targets/k8s/k8s/defaults/main.yml create mode 100644 test/integration/targets/k8s/k8s/files/crd-resource.yml create mode 100644 test/integration/targets/k8s/k8s/files/kuard-extra-property.yml create mode 100644 test/integration/targets/k8s/k8s/files/kuard-invalid-type.yml create mode 100644 test/integration/targets/k8s/k8s/files/setup-crd.yml create mode 100644 test/integration/targets/k8s/k8s/meta/main.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/append_hash.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/apply.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/crd.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/delete.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/full_test.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/lists.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/main.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/older_openshift_fail.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/openshift.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/validate_installed.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/validate_not_installed.yml create mode 100644 test/integration/targets/k8s/k8s/tasks/waiter.yml delete mode 100644 tests/ansible.cfg delete mode 100644 tests/inventory delete mode 100644 tests/roles/hello-templates/files/deployment.yml delete mode 100644 tests/roles/hello-templates/tasks/main.yml delete mode 100644 tests/roles/hello-world/tasks/main.yml delete mode 100644 tests/test.yml diff --git a/.tito/packages/.readme b/.tito/packages/.readme deleted file mode 100644 index b9411e2d..00000000 --- a/.tito/packages/.readme +++ /dev/null @@ -1,3 +0,0 @@ -the .tito/packages directory contains metadata files -named after their packages. Each file has the latest tagged -version and the project's relative directory. diff --git a/.tito/packages/ansible-kubernetes-modules b/.tito/packages/ansible-kubernetes-modules deleted file mode 100644 index 1f6d26a5..00000000 --- a/.tito/packages/ansible-kubernetes-modules +++ /dev/null @@ -1 +0,0 @@ -0.4.0-8 ./ diff --git a/.tito/releasers.conf b/.tito/releasers.conf deleted file mode 100644 index 66358882..00000000 --- a/.tito/releasers.conf +++ /dev/null @@ -1,30 +0,0 @@ -[asb-copr] -releaser = tito.release.CoprReleaser -project_name = @ansible-service-broker/ansible-service-broker-latest -upload_command = scp -4 %(srpm)s $fas_username@fedorapeople.org:/srv/repos/asb -remote_location = http://repos.fedorapeople.org/asb/ -copr_options = --timeout 600 - -[asb-copr-test] -releaser = tito.release.CoprReleaser -project_name = @ansible-service-broker/ansible-service-broker-nightly -upload_command = scp -4 %(srpm)s $fas_username@fedorapeople.org:/srv/repos/asb -remote_location = http://repos.fedorapeople.org/asb/ -copr_options = --timeout 600 -builder.test = 1 - -[asb-brew-36] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.6-asb-rhel-7 - -[asb-brew-37] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.7-asb-rhel-7 - -[asb-brew-38] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.8-asb-rhel-7 - -[asb-brew-39] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.9-asb-rhel-7 diff --git a/.tito/tito.props b/.tito/tito.props deleted file mode 100644 index 80fe6528..00000000 --- a/.tito/tito.props +++ /dev/null @@ -1,5 +0,0 @@ -[buildconfig] -builder = tito.builder.Builder -tagger = tito.tagger.ReleaseTagger -changelog_do_not_remove_cherrypick = 0 -changelog_format = %s (%ae) diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index f8ed9547..00000000 --- a/.travis.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install prereqs - - pip install https://github.com/ansible/ansible/archive/devel.tar.gz - - pip install openshift - - pip list | grep openshift - - # Start OpenShift - - docker run --publish 8443:8443 -d --name openshift openshift/origin:v3.7.1 start master --listen https://0.0.0.0:8443 - - sleep 15 - - # Fetch a copy of the kube config file - - docker exec -it openshift cat /var/lib/origin/openshift.local.config/master/admin.kubeconfig >tests/konfig.json - - - printf '[defaults]\nroles_path=../' >ansible.cfg - - echo "localhost ansible_connection=local ansible_python_interpreter=$(which python)">tests/inventory - -script: - - ansible-playbook -i tests/inventory -vvv tests/test.yml - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/LICENSE b/LICENSE index 8dada3ed..e72bfdda 100644 --- a/LICENSE +++ b/LICENSE @@ -1,201 +1,674 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. - 1. Definitions. + Preamble - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. + The GNU General Public License is a free, copyleft license for +software and other kinds of works. - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. + The precise terms and conditions for copying, distribution and +modification follow. - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. + TERMS AND CONDITIONS - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. + 0. Definitions. - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: + "This License" refers to version 3 of the GNU General Public License. - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. + A "covered work" means either the unmodified Program or a work based +on the Program. - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. + 1. Source Code. - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. - END OF TERMS AND CONDITIONS + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. - APPENDIX: How to apply the Apache License to your work. + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. - Copyright {yyyy} {name of copyright owner} + The Corresponding Source for a work in source code form is that +same work. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at + 2. Basic Permissions. - http://www.apache.org/licenses/LICENSE-2.0 + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. \ No newline at end of file diff --git a/README.md b/README.md index 2a808334..4279bf2b 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # Kubernetes Collection for Ansible -[![Build Status](https://travis-ci.org/ansible-collections/kubernetes.svg?branch=master)](https://travis-ci.org/ansible-collections/kubernetes) - This repo hosts the `community.kubernetes` Ansible Collection. As this is an independent Collection, it can be released on its own release cadence. @@ -16,4 +14,4 @@ For more information see `#ansible-community` on Freenode IRC, or the [Kubernete GNU General Public License v3.0 or later -See LICENCING to see the full text. +See LICENCE to see the full text. diff --git a/ansible-kubernetes-modules.spec b/ansible-kubernetes-modules.spec deleted file mode 100644 index 1234f0af..00000000 --- a/ansible-kubernetes-modules.spec +++ /dev/null @@ -1,71 +0,0 @@ -Name: ansible-kubernetes-modules -Version: 0.4.0 -Release: 8%{?dist} -Summary: Ansible role containing pre-release K8s modules -License: ASL 2.0 -URL: https://github.com/ansible/%{name} -Source0: https://github.com/ansible/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz - -BuildArch: noarch - -Requires: ansible >= 2.3.0.0 -Requires: python-openshift >= 0.4 - -%description -%{summary} - -%prep -%autosetup -p1 - -%build - -%install -mkdir -p %{buildroot}%{_sysconfdir}/ansible/roles/ansible.kubernetes-modules -mv * %{buildroot}%{_sysconfdir}/ansible/roles/ansible.kubernetes-modules - -%check - -%files -%{_sysconfdir}/ansible/roles/ansible.kubernetes-modules - -%changelog -* Fri Jan 19 2018 David Zager 0.4.0-8 -- when in checkmode _create returns None and cannot have to_dict() called (#27) - (trbs@users.noreply.github.com) -- Show openshift version (chousekn@redhat.com) -- Unpin openshift (chousekn@redhat.com) -- regen modules (fabian@fabianism.us) -- Pin openshift. Trying Origin 3.6.7. (chousekn@redhat.com) - -* Wed Jan 17 2018 David Zager 0.4.0-7 -- Bump package version for 4.x (david.j.zager@gmail.com) -- Update releasers (david.j.zager@gmail.com) -- update generated modules (#26) (fabian@fabianism.us) - -* Mon Oct 16 2017 Jason Montleon 0.3.1-6 -- Update to latest k8s_common (chousekn@redhat.com) - -* Fri Oct 13 2017 Jason Montleon 0.3.1-5 -- increment release - -* Fri Oct 13 2017 Jason Montleon 0.3.1-4 -- Bump version - -* Fri Oct 13 2017 Jason Montleon 0.3.1-3 -- add python-openshift rpm dependency (jmontleo@redhat.com) -- Travis file cleanup (#13) (chousekn@redhat.com) -- Removes -i inventory (chousekn@redhat.com) -- Removes ansible-galaxy install (chousekn@redhat.com) -- Regen modules. Add tests. (chousekn@redhat.com) -- Add Travis button (chousekn@redhat.com) -- Add simple module test (chousekn@redhat.com) -- Adds latest generated modules (chousekn@redhat.com) - -* Fri Oct 06 2017 Jason Montleon 0.3.1-2 -- new package built with tito - -* Fri Oct 06 2017 Jason Montleon -- new package built with tito - -* Fri May 12 2017 Jason Montleon - 0.0.1-1 -- initial package diff --git a/defaults/main.yml b/defaults/main.yml deleted file mode 100644 index b7836bc7..00000000 --- a/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -install_python_requirements: no -virtualenv: diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 00000000..31382a5c --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,20 @@ +authors: [] +dependencies: {} +description: Kubernetes Collection for Ansible. +documentation: '' +homepage: '' +issues: https://github.com/ansible-collections/kubernetes/issues +license_file: LICENSE +name: kubernetes +namespace: community +readme: README.md +repository: https://github.com/ansible-collections/kubernetes +tags: + - kubernetes + - k8s + - cloud + - infrastructure + - openshift + - okd + - cluster +version: 0.9.0 diff --git a/library/k8s_apps_v1beta1_deployment.py b/library/k8s_apps_v1beta1_deployment.py deleted file mode 100644 index 2482a9cc..00000000 --- a/library/k8s_apps_v1beta1_deployment.py +++ /dev/null @@ -1,580 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_apps_v1beta1_deployment -short_description: Kubernetes Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. Defaults to 2. - aliases: - - revision_history_limit - type: int - spec_rollback_to_revision: - description: - - The revision to rollback to. If set to 0, rollback to the last revision. - aliases: - - rollback_to_revision - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_rolling_update_max_surge: - description: - - 'The maximum number of pods that can be scheduled above the desired number of - pods. Value can be an absolute number (ex: 5) or a percentage of desired pods - (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. Defaults to 25%. Example: when this is set to - 30%, the new RC can be scaled up immediately when the rolling update starts, - such that the total number of old and new pods do not exceed 130% of desired - pods. Once old pods have been killed, new RC can be scaled up further, ensuring - that total number of pods running at any time during the update is atmost 130% - of desired pods.' - aliases: - - strategy_rolling_update_max_surge - type: object - spec_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of pods that can be unavailable during the update. Value - can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. This can not - be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the - old RC can be scaled down to 70% of desired pods immediately when the rolling - update starts. Once new pods are ready, old RC can be scaled down further, followed - by scaling up the new RC, ensuring that the total number of pods available at - all times during the update is at least 70% of desired pods.' - aliases: - - strategy_rolling_update_max_unavailable - type: object - spec_strategy_type: - description: - - Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment', 'apps_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_apps_v1beta1_deployment_list.py b/library/k8s_apps_v1beta1_deployment_list.py deleted file mode 100644 index 31eb457c..00000000 --- a/library/k8s_apps_v1beta1_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_apps_v1beta1_deployment_list -short_description: Kubernetes DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment_list', 'apps_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_apps_v1beta1_scale.py b/library/k8s_apps_v1beta1_scale.py deleted file mode 100644 index 68320514..00000000 --- a/library/k8s_apps_v1beta1_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_apps_v1beta1_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'apps_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_extensions_v1beta1_deployment.py b/library/k8s_extensions_v1beta1_deployment.py deleted file mode 100644 index 130d67a8..00000000 --- a/library/k8s_extensions_v1beta1_deployment.py +++ /dev/null @@ -1,582 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_extensions_v1beta1_deployment -short_description: Kubernetes Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused and will not be processed by the deployment - controller. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. This is not set by default. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. - aliases: - - revision_history_limit - type: int - spec_rollback_to_revision: - description: - - The revision to rollback to. If set to 0, rollback to the last revision. - aliases: - - rollback_to_revision - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_rolling_update_max_surge: - description: - - 'The maximum number of pods that can be scheduled above the desired number of - pods. Value can be an absolute number (ex: 5) or a percentage of desired pods - (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. By default, a value of 1 is used. Example: when - this is set to 30%, the new RC can be scaled up immediately when the rolling - update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, new RC can be scaled up - further, ensuring that total number of pods running at any time during the update - is atmost 130% of desired pods.' - aliases: - - strategy_rolling_update_max_surge - type: object - spec_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of pods that can be unavailable during the update. Value - can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. This can not - be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when - this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately - when the rolling update starts. Once new pods are ready, old RC can be scaled - down further, followed by scaling up the new RC, ensuring that the total number - of pods available at all times during the update is at least 70% of desired - pods.' - aliases: - - strategy_rolling_update_max_unavailable - type: object - spec_strategy_type: - description: - - Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment', 'extensions_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_extensions_v1beta1_deployment_list.py b/library/k8s_extensions_v1beta1_deployment_list.py deleted file mode 100644 index 99f56b89..00000000 --- a/library/k8s_extensions_v1beta1_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_extensions_v1beta1_deployment_list -short_description: Kubernetes DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment_list', 'extensions_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_extensions_v1beta1_scale.py b/library/k8s_extensions_v1beta1_scale.py deleted file mode 100644 index 910cfdd8..00000000 --- a/library/k8s_extensions_v1beta1_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_extensions_v1beta1_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'extensions_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_binding.py b/library/k8s_v1_binding.py deleted file mode 100644 index dd7fea0b..00000000 --- a/library/k8s_v1_binding.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_binding -short_description: Kubernetes Binding -description: -- Manage the lifecycle of a binding object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - target_api_version: - description: - - API version of the referent. - aliases: - - api_version - target_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - target_kind: - description: - - Kind of the referent. - aliases: - - kind - target_name: - description: - - Name of the referent. - target_namespace: - description: - - Namespace of the referent. - target_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - target_uid: - description: - - UID of the referent. - aliases: - - uid - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -binding: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - target: - description: - - The target object that you want to bind to the standard object. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('binding', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role.py b/library/k8s_v1_cluster_role.py deleted file mode 100644 index 92cc733f..00000000 --- a/library/k8s_v1_cluster_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role -short_description: Kubernetes ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role_binding.py b/library/k8s_v1_cluster_role_binding.py deleted file mode 100644 index f260e0f4..00000000 --- a/library/k8s_v1_cluster_role_binding.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role_binding -short_description: Kubernetes ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef - cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role_binding_list.py b/library/k8s_v1_cluster_role_binding_list.py deleted file mode 100644 index 0e105a81..00000000 --- a/library/k8s_v1_cluster_role_binding_list.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role_binding_list -short_description: Kubernetes ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the - RoleRef cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role_list.py b/library/k8s_v1_cluster_role_list.py deleted file mode 100644 index 7e59be6b..00000000 --- a/library/k8s_v1_cluster_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role_list -short_description: Kubernetes ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_component_status.py b/library/k8s_v1_component_status.py deleted file mode 100644 index 0e90b161..00000000 --- a/library/k8s_v1_component_status.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_component_status -short_description: Kubernetes ComponentStatus -description: -- Manage the lifecycle of a component_status object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - conditions: - description: - - List of component conditions observed - type: list - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -component_status: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - conditions: - description: - - List of component conditions observed - type: list - contains: - error: - description: - - Condition error code for a component. For example, a health check error - code. - type: str - message: - description: - - Message about the condition for a component. For example, information - about a health check. - type: str - status: - description: - - 'Status of the condition for a component. Valid values for "Healthy": - "True", "False", or "Unknown".' - type: str - type: - description: - - 'Type of condition for a component. Valid value: "Healthy"' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('component_status', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_component_status_list.py b/library/k8s_v1_component_status_list.py deleted file mode 100644 index 4c0809bf..00000000 --- a/library/k8s_v1_component_status_list.py +++ /dev/null @@ -1,157 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_component_status_list -short_description: Kubernetes ComponentStatusList -description: -- Retrieve a list of component_status. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -component_status_list: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ComponentStatus objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - conditions: - description: - - List of component conditions observed - type: list - contains: - error: - description: - - Condition error code for a component. For example, a health check - error code. - type: str - message: - description: - - Message about the condition for a component. For example, information - about a health check. - type: str - status: - description: - - 'Status of the condition for a component. Valid values for "Healthy": - "True", "False", or "Unknown".' - type: str - type: - description: - - 'Type of condition for a component. Valid value: "Healthy"' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('component_status_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_config_map.py b/library/k8s_v1_config_map.py deleted file mode 100644 index e9a2d97b..00000000 --- a/library/k8s_v1_config_map.py +++ /dev/null @@ -1,169 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_config_map -short_description: Kubernetes ConfigMap -description: -- Manage the lifecycle of a config_map object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data: - description: - - Data contains the configuration data. Each key must consist of alphanumeric - characters, '-', '_' or '.'. - type: dict - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -config_map: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data contains the configuration data. Each key must consist of alphanumeric - characters, '-', '_' or '.'. - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('config_map', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_config_map_list.py b/library/k8s_v1_config_map_list.py deleted file mode 100644 index a0a8b18b..00000000 --- a/library/k8s_v1_config_map_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_config_map_list -short_description: Kubernetes ConfigMapList -description: -- Retrieve a list of config_maps. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -config_map_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ConfigMaps. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data contains the configuration data. Each key must consist of alphanumeric - characters, '-', '_' or '.'. - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('config_map_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_endpoints.py b/library/k8s_v1_endpoints.py deleted file mode 100644 index ce296dc4..00000000 --- a/library/k8s_v1_endpoints.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_endpoints -short_description: Kubernetes Endpoints -description: -- Manage the lifecycle of a endpoints object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subsets: - description: - - The set of all endpoints is the union of all subsets. Addresses are placed into - subsets according to the IPs they share. A single address with multiple ports, - some of which are ready and some of which are not (because they come from different - containers) will result in the address being displayed in different subsets - for the different ports. No address will appear in both Addresses and NotReadyAddresses - in the same subset. Sets of addresses and ports that comprise a service. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -endpoints: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subsets: - description: - - The set of all endpoints is the union of all subsets. Addresses are placed - into subsets according to the IPs they share. A single address with multiple - ports, some of which are ready and some of which are not (because they come - from different containers) will result in the address being displayed in different - subsets for the different ports. No address will appear in both Addresses - and NotReadyAddresses in the same subset. Sets of addresses and ports that - comprise a service. - type: list - contains: - addresses: - description: - - IP addresses which offer the related ports that are marked as ready. These - endpoints should be considered safe for load balancers and clients to - utilize. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is - also accepted but not fully supported on all platforms. Also, certain - kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - not_ready_addresses: - description: - - IP addresses which offer the related ports but are not currently marked - as ready because they have not yet finished starting, have recently failed - a readiness check, or have recently failed a liveness check. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is - also accepted but not fully supported on all platforms. Also, certain - kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - ports: - description: - - Port numbers available on the related IP addresses. - type: list - contains: - name: - description: - - The name of this port (corresponds to ServicePort.Name). Must be a - DNS_LABEL. Optional only if one port is defined. - type: str - port: - description: - - The port number of the endpoint. - type: int - protocol: - description: - - The IP protocol for this port. Must be UDP or TCP. Default is TCP. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('endpoints', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_endpoints_list.py b/library/k8s_v1_endpoints_list.py deleted file mode 100644 index 1a032c3a..00000000 --- a/library/k8s_v1_endpoints_list.py +++ /dev/null @@ -1,241 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_endpoints_list -short_description: Kubernetes EndpointsList -description: -- Retrieve a list of endpoints. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -endpoints_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of endpoints. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subsets: - description: - - The set of all endpoints is the union of all subsets. Addresses are placed - into subsets according to the IPs they share. A single address with multiple - ports, some of which are ready and some of which are not (because they - come from different containers) will result in the address being displayed - in different subsets for the different ports. No address will appear in - both Addresses and NotReadyAddresses in the same subset. Sets of addresses - and ports that comprise a service. - type: list - contains: - addresses: - description: - - IP addresses which offer the related ports that are marked as ready. - These endpoints should be considered safe for load balancers and clients - to utilize. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 - is also accepted but not fully supported on all platforms. Also, - certain kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - not_ready_addresses: - description: - - IP addresses which offer the related ports but are not currently marked - as ready because they have not yet finished starting, have recently - failed a readiness check, or have recently failed a liveness check. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 - is also accepted but not fully supported on all platforms. Also, - certain kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - ports: - description: - - Port numbers available on the related IP addresses. - type: list - contains: - name: - description: - - The name of this port (corresponds to ServicePort.Name). Must - be a DNS_LABEL. Optional only if one port is defined. - type: str - port: - description: - - The port number of the endpoint. - type: int - protocol: - description: - - The IP protocol for this port. Must be UDP or TCP. Default is - TCP. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('endpoints_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_event.py b/library/k8s_v1_event.py deleted file mode 100644 index 93e5296f..00000000 --- a/library/k8s_v1_event.py +++ /dev/null @@ -1,261 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_event -short_description: Kubernetes Event -description: -- Manage the lifecycle of a event object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - count: - description: - - The number of times this event has occurred. - type: int - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - first_timestamp: - description: - - The time at which the event was first recorded. (Time of server receipt is in - TypeMeta.) - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - involved_object_api_version: - description: - - API version of the referent. - aliases: - - api_version - involved_object_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - involved_object_kind: - description: - - Kind of the referent. - aliases: - - kind - involved_object_name: - description: - - Name of the referent. - involved_object_namespace: - description: - - Namespace of the referent. - involved_object_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - involved_object_uid: - description: - - UID of the referent. - aliases: - - uid - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - last_timestamp: - description: - - The time at which the most recent occurrence of this event was recorded. - message: - description: - - A human-readable description of the status of this operation. - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - reason: - description: - - This should be a short, machine understandable string that gives the reason - for the transition into the object's current status. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - source_component: - description: - - Component from which the event is generated. - aliases: - - component - source_host: - description: - - Node name on which the event is generated. - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - count: - description: - - The number of times this event has occurred. - type: int - first_timestamp: - description: - - The time at which the event was first recorded. (Time of server receipt is - in TypeMeta.) - type: complex - contains: {} - involved_object: - description: - - The object that this event is about. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - last_timestamp: - description: - - The time at which the most recent occurrence of this event was recorded. - type: complex - contains: {} - message: - description: - - A human-readable description of the status of this operation. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - reason: - description: - - This should be a short, machine understandable string that gives the reason - for the transition into the object's current status. - type: str - source: - description: - - The component reporting this event. Should be a short machine understandable - string. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('event', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_event_list.py b/library/k8s_v1_event_list.py deleted file mode 100644 index 717b2033..00000000 --- a/library/k8s_v1_event_list.py +++ /dev/null @@ -1,195 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_event_list -short_description: Kubernetes EventList -description: -- Retrieve a list of events. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of events - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - count: - description: - - The number of times this event has occurred. - type: int - first_timestamp: - description: - - The time at which the event was first recorded. (Time of server receipt - is in TypeMeta.) - type: complex - contains: {} - involved_object: - description: - - The object that this event is about. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - last_timestamp: - description: - - The time at which the most recent occurrence of this event was recorded. - type: complex - contains: {} - message: - description: - - A human-readable description of the status of this operation. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - reason: - description: - - This should be a short, machine understandable string that gives the reason - for the transition into the object's current status. - type: str - source: - description: - - The component reporting this event. Should be a short machine understandable - string. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the - future - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('event_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_horizontal_pod_autoscaler.py b/library/k8s_v1_horizontal_pod_autoscaler.py deleted file mode 100644 index 32d78042..00000000 --- a/library/k8s_v1_horizontal_pod_autoscaler.py +++ /dev/null @@ -1,211 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_horizontal_pod_autoscaler -short_description: Kubernetes HorizontalPodAutoscaler -description: -- Manage the lifecycle of a horizontal_pod_autoscaler object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_max_replicas: - description: - - upper limit for the number of pods that can be set by the autoscaler; cannot - be smaller than MinReplicas. - aliases: - - max_replicas - type: int - spec_min_replicas: - description: - - lower limit for the number of pods that can be set by the autoscaler, default - 1. - aliases: - - min_replicas - type: int - spec_scale_target_ref_api_version: - description: - - API version of the referent - aliases: - - scale_target_ref_api_version - spec_scale_target_ref_kind: - description: - - Kind of the referent; - aliases: - - scale_target_ref_kind - spec_scale_target_ref_name: - description: - - Name of the referent; - aliases: - - scale_target_ref_name - spec_target_cpu_utilization_percentage: - description: - - target average CPU utilization (represented as a percentage of requested CPU) - over all the pods; if not specified the default autoscaling policy will be used. - aliases: - - target_cpu_utilization_percentage - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create replica set - k8s_v1_horizontal_pod_autoscaler.yml: - name: test-scaler - namespace: test - state: present - scale_target_ref_kind: ReplicaSet - scale_target_ref_name: test - min_replicas: 2 - max_replicas: 5 -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - behaviour of autoscaler. - type: complex - status: - description: - - current information about the autoscaler. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_horizontal_pod_autoscaler_list.py b/library/k8s_v1_horizontal_pod_autoscaler_list.py deleted file mode 100644 index e2264057..00000000 --- a/library/k8s_v1_horizontal_pod_autoscaler_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_horizontal_pod_autoscaler_list -short_description: Kubernetes HorizontalPodAutoscalerList -description: -- Retrieve a list of horizontal_pod_autoscalers. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - list of horizontal pod autoscaler objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - behaviour of autoscaler. - type: complex - status: - description: - - current information about the autoscaler. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_job.py b/library/k8s_v1_job.py deleted file mode 100644 index ff6dc77d..00000000 --- a/library/k8s_v1_job.py +++ /dev/null @@ -1,547 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_job -short_description: Kubernetes Job -description: -- Manage the lifecycle of a job object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_active_deadline_seconds: - description: - - Specifies the duration in seconds relative to the startTime that the job may - be active before the system tries to terminate it; value must be positive integer - aliases: - - active_deadline_seconds - type: int - spec_backoff_limit: - description: - - Specifies the number of retries before marking this job failed. Defaults to - 6 - aliases: - - backoff_limit - type: int - spec_completions: - description: - - Specifies the desired number of successfully finished pods the job should be - run with. Setting to nil means that the success of any pod signals the success - of all pods, and allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that pod signals the - success of the job. - aliases: - - completions - type: int - spec_manual_selector: - description: - - manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` - unset unless you are certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the pod template. - When true, the user is responsible for picking unique labels and specifying - the selector. Failure to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` in jobs that - were created with the old `extensions/v1beta1` API. - aliases: - - manual_selector - type: bool - spec_parallelism: - description: - - Specifies the maximum desired number of pods the job should run at any given - time. The actual number of pods running in steady state will be less than this - number when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - aliases: - - parallelism - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -job: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a job. - type: complex - status: - description: - - Current status of a job. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('job', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_job_list.py b/library/k8s_v1_job_list.py deleted file mode 100644 index 7776e7d1..00000000 --- a/library/k8s_v1_job_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_job_list -short_description: Kubernetes JobList -description: -- Retrieve a list of jobs. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -job_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of Jobs. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a job. - type: complex - status: - description: - - Current status of a job. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('job_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_limit_range.py b/library/k8s_v1_limit_range.py deleted file mode 100644 index dbb4a749..00000000 --- a/library/k8s_v1_limit_range.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_limit_range -short_description: Kubernetes LimitRange -description: -- Manage the lifecycle of a limit_range object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_limits: - description: - - Limits is the list of LimitRangeItem objects that are enforced. - aliases: - - limits - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -limit_range: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the limits enforced. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('limit_range', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_limit_range_list.py b/library/k8s_v1_limit_range_list.py deleted file mode 100644 index b00e29b5..00000000 --- a/library/k8s_v1_limit_range_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_limit_range_list -short_description: Kubernetes LimitRangeList -description: -- Retrieve a list of limit_ranges. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -limit_range_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of LimitRange objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the limits enforced. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('limit_range_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_local_subject_access_review.py b/library/k8s_v1_local_subject_access_review.py deleted file mode 100644 index c919e650..00000000 --- a/library/k8s_v1_local_subject_access_review.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_local_subject_access_review -short_description: Kubernetes LocalSubjectAccessReview -description: -- Manage the lifecycle of a local_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_groups: - description: - - Groups is the groups you're testing for. - aliases: - - groups - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Groups", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -local_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. spec.namespace must - be equal to the namespace you made the request against. If empty, it is defaulted. - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('local_subject_access_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_namespace.py b/library/k8s_v1_namespace.py deleted file mode 100644 index 895760e8..00000000 --- a/library/k8s_v1_namespace.py +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_namespace -short_description: Kubernetes Namespace -description: -- Manage the lifecycle of a namespace object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_finalizers: - description: - - Finalizers is an opaque list of values that must be empty to permanently remove - object from storage. - aliases: - - finalizers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create a namespace - k8s_v1_namespace.yml: - name: k8s-namespace - state: present - -- name: Add labels and annotations - k8s_v1_namespace.yml: - name: k8s-namespace - state: present - labels: - app_env: production - app_class: '3' - annotations: - domain: namespace.com.acmecorp - -- name: Update labels and annotations - k8s_v1_namespace.yml: - name: k8s-namespace - state: present - labels: - app_env: production - app_class: '4' - app_group: '2' - annotations: - domain: namespace.app.com.acmecorp - monitoring_group: '1' - -- name: Create a namespace - k8s_v1_namespace.yml: - name: search-namespace - state: present - labels: - app: web - level: '1' - annotations: - company: acme.com - -- name: Replace namespace - k8s_v1_namespace.yml: - name: search-namespace - state: replaced - labels: - app: web_app - level: '3' - annotations: - company: acme.com - -- name: Remove namespace - k8s_v1_namespace.yml: - name: search-namespace - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -namespace: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('namespace', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_namespace_list.py b/library/k8s_v1_namespace_list.py deleted file mode 100644 index fb05ddb6..00000000 --- a/library/k8s_v1_namespace_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_namespace_list -short_description: Kubernetes NamespaceList -description: -- Retrieve a list of namespaces. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -namespace_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Namespace objects in the list. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('namespace_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_network_policy.py b/library/k8s_v1_network_policy.py deleted file mode 100644 index 9bd5f813..00000000 --- a/library/k8s_v1_network_policy.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_network_policy -short_description: Kubernetes NetworkPolicy -description: -- Manage the lifecycle of a network_policy object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_egress: - description: - - List of egress rules to be applied to the selected pods. Outgoing traffic is - allowed if there are no NetworkPolicies selecting the pod (and cluster policy - otherwise allows the traffic), OR if the traffic matches at least one egress - rule across all of the NetworkPolicy objects whose podSelector matches the pod. - If this field is empty then this NetworkPolicy limits all outgoing traffic (and - serves solely to ensure that the pods it selects are isolated by default). This - field is beta-level in 1.8 - aliases: - - egress - type: list - spec_ingress: - description: - - List of ingress rules to be applied to the selected pods. Traffic is allowed - to a pod if there are no NetworkPolicies selecting the pod (and cluster policy - otherwise allows the traffic), OR if the traffic source is the pod's local node, - OR if the traffic matches at least one ingress rule across all of the NetworkPolicy - objects whose podSelector matches the pod. If this field is empty then this - NetworkPolicy does not allow any traffic (and serves solely to ensure that the - pods it selects are isolated by default) - aliases: - - ingress - type: list - spec_pod_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - pod_selector_match_expressions - type: list - spec_pod_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - pod_selector_match_labels - type: dict - spec_policy_types: - description: - - List of rule types that the NetworkPolicy relates to. Valid options are Ingress, - Egress, or Ingress,Egress. If this field is not specified, it will default based - on the existence of Ingress or Egress rules; policies that contain an Egress - section are assumed to affect Egress, and all policies (whether or not they - contain an Ingress section) are assumed to affect Ingress. If you want to write - an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. - Likewise, if you want to write a policy that specifies that no egress is allowed, - you must specify a policyTypes value that include "Egress" (since such a policy - would not include an Egress section and would otherwise default to just [ "Ingress" - ]). This field is beta-level in 1.8 - aliases: - - policy_types - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_network_policy_list.py b/library/k8s_v1_network_policy_list.py deleted file mode 100644 index 70148432..00000000 --- a/library/k8s_v1_network_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_network_policy_list -short_description: Kubernetes NetworkPolicyList -description: -- Retrieve a list of network_policys. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_node.py b/library/k8s_v1_node.py deleted file mode 100644 index d54cc265..00000000 --- a/library/k8s_v1_node.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_node -short_description: Kubernetes Node -description: -- Manage the lifecycle of a node object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_config_source_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - _source_api_version - spec_config_source_config_map_ref_api_version: - description: - - API version of the referent. - aliases: - - _source__map_ref_api_version - spec_config_source_config_map_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - _source__map_ref_field_path - spec_config_source_config_map_ref_kind: - description: - - Kind of the referent. - aliases: - - _source__map_ref_kind - spec_config_source_config_map_ref_name: - description: - - Name of the referent. - aliases: - - _source__map_ref_name - spec_config_source_config_map_ref_namespace: - description: - - Namespace of the referent. - aliases: - - _source__map_ref_namespace - spec_config_source_config_map_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - _source__map_ref_resource_version - spec_config_source_config_map_ref_uid: - description: - - UID of the referent. - aliases: - - _source__map_ref_uid - spec_config_source_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - _source_kind - spec_external_id: - description: - - External ID of the node assigned by some machine database (e.g. a cloud provider). - Deprecated. - aliases: - - external_id - spec_pod_cidr: - description: - - PodCIDR represents the pod IP range assigned to the node. - aliases: - - pod_cidr - spec_provider_id: - description: - - 'ID of the node assigned by the cloud provider in the format: ://' - aliases: - - provider_id - spec_taints: - description: - - If specified, the node's taints. - aliases: - - taints - type: list - spec_unschedulable: - description: - - Unschedulable controls node schedulability of new pods. By default, node is - schedulable. - aliases: - - unschedulable - type: bool - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -node: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a node. - type: complex - status: - description: - - Most recently observed status of the node. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('node', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_node_list.py b/library/k8s_v1_node_list.py deleted file mode 100644 index 97d419e0..00000000 --- a/library/k8s_v1_node_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_node_list -short_description: Kubernetes NodeList -description: -- Retrieve a list of nodes. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -node_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of nodes - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a node. - type: complex - status: - description: - - Most recently observed status of the node. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('node_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume.py b/library/k8s_v1_persistent_volume.py deleted file mode 100644 index 44ad9b37..00000000 --- a/library/k8s_v1_persistent_volume.py +++ /dev/null @@ -1,867 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume -short_description: Kubernetes PersistentVolume -description: -- Manage the lifecycle of a persistent_volume object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_access_modes: - description: - - AccessModes contains all ways the volume can be mounted. - aliases: - - access_modes - type: list - spec_aws_elastic_block_store_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - aws_elastic_block_store_fs_type - spec_aws_elastic_block_store_partition: - description: - - 'The partition in the volume that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume /dev/sda1, you specify the - partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you - can leave the property empty).' - aliases: - - aws_elastic_block_store_partition - type: int - spec_aws_elastic_block_store_read_only: - description: - - Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". - If omitted, the default is "false". - aliases: - - aws_elastic_block_store_read_only - type: bool - spec_aws_elastic_block_store_volume_id: - description: - - Unique ID of the persistent disk resource in AWS (Amazon EBS volume). - aliases: - - aws_elastic_block_store_volume_id - spec_azure_disk_caching_mode: - description: - - 'Host Caching mode: None, Read Only, Read Write.' - aliases: - - azure_disk_caching_mode - spec_azure_disk_disk_name: - description: - - The Name of the data disk in the blob storage - aliases: - - azure_disk_disk_name - spec_azure_disk_disk_uri: - description: - - The URI the data disk in the blob storage - aliases: - - azure_disk_disk_uri - spec_azure_disk_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - azure_disk_fs_type - spec_azure_disk_kind: - description: - - 'Expected values Shared: mulitple blob disks per storage account Dedicated: - single blob disk per storage account Managed: azure managed data disk (only - in managed availability set). defaults to shared' - aliases: - - azure_disk_kind - spec_azure_disk_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - azure_disk_read_only - type: bool - spec_azure_file_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - azure_file_read_only - type: bool - spec_azure_file_secret_name: - description: - - the name of secret that contains Azure Storage Account Name and Key - aliases: - - azure_file_secret_name - spec_azure_file_secret_namespace: - description: - - the namespace of the secret that contains Azure Storage Account Name and Key - default is the same as the Pod - aliases: - - azure_file_secret_namespace - spec_azure_file_share_name: - description: - - Share Name - aliases: - - azure_file_share_name - spec_capacity: - description: - - A description of the persistent volume's resources and capacity. - aliases: - - capacity - type: dict - spec_cephfs_monitors: - description: - - 'Required: Monitors is a collection of Ceph monitors' - aliases: - - cephfs_monitors - type: list - spec_cephfs_path: - description: - - 'Optional: Used as the mounted root, rather than the full Ceph tree, default - is /' - aliases: - - cephfs_path - spec_cephfs_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - cephfs_read_only - type: bool - spec_cephfs_secret_file: - description: - - 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret' - aliases: - - cephfs_secret_file - spec_cephfs_secret_ref_name: - description: - - Name is unique within a namespace to reference a secret resource. - aliases: - - cephfs_secret_ref_name - spec_cephfs_secret_ref_namespace: - description: - - Namespace defines the space within which the secret name must be unique. - aliases: - - cephfs_secret_ref_namespace - spec_cephfs_user: - description: - - 'Optional: User is the rados user name, default is admin' - aliases: - - cephfs_user - spec_cinder_fs_type: - description: - - 'Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified.' - aliases: - - cinder_fs_type - spec_cinder_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - cinder_read_only - type: bool - spec_cinder_volume_id: - description: - - volume id used to identify the volume in cinder - aliases: - - cinder_volume_id - spec_claim_ref_api_version: - description: - - API version of the referent. - aliases: - - claim_ref_api_version - spec_claim_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - claim_ref_field_path - spec_claim_ref_kind: - description: - - Kind of the referent. - aliases: - - claim_ref_kind - spec_claim_ref_name: - description: - - Name of the referent. - aliases: - - claim_ref_name - spec_claim_ref_namespace: - description: - - Namespace of the referent. - aliases: - - claim_ref_namespace - spec_claim_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - claim_ref_resource_version - spec_claim_ref_uid: - description: - - UID of the referent. - aliases: - - claim_ref_uid - spec_fc_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - fc_fs_type - spec_fc_lun: - description: - - 'Optional: FC target lun number' - aliases: - - fc_lun - type: int - spec_fc_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - fc_read_only - type: bool - spec_fc_target_ww_ns: - description: - - 'Optional: FC target worldwide names (WWNs)' - aliases: - - fc_target_ww_ns - type: list - spec_fc_wwids: - description: - - 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both simultaneously.' - aliases: - - fc_wwids - type: list - spec_flex_volume_driver: - description: - - Driver is the name of the driver to use for this volume. - aliases: - - flex_volume_driver - spec_flex_volume_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume - script. - aliases: - - flex_volume_fs_type - spec_flex_volume_options: - description: - - 'Optional: Extra command options if any.' - aliases: - - flex_volume_options - type: dict - spec_flex_volume_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - flex_volume_read_only - type: bool - spec_flex_volume_secret_ref_name: - description: - - Name of the referent. - aliases: - - flex_volume_secret_ref_name - spec_flocker_dataset_name: - description: - - Name of the dataset stored as metadata -> name on the dataset for Flocker should - be considered as deprecated - aliases: - - flocker_dataset_name - spec_flocker_dataset_uuid: - description: - - UUID of the dataset. This is unique identifier of a Flocker dataset - aliases: - - flocker_dataset_uuid - spec_gce_persistent_disk_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - gce_persistent_disk_fs_type - spec_gce_persistent_disk_partition: - description: - - 'The partition in the volume that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume /dev/sda1, you specify the - partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you - can leave the property empty).' - aliases: - - gce_persistent_disk_partition - type: int - spec_gce_persistent_disk_pd_name: - description: - - Unique name of the PD resource in GCE. Used to identify the disk in GCE. - aliases: - - gce_persistent_disk_pd_name - spec_gce_persistent_disk_read_only: - description: - - ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. - aliases: - - gce_persistent_disk_read_only - type: bool - spec_glusterfs_endpoints: - description: - - EndpointsName is the endpoint name that details Glusterfs topology. - aliases: - - glusterfs_endpoints - spec_glusterfs_path: - description: - - Path is the Glusterfs volume path. - aliases: - - glusterfs_path - spec_glusterfs_read_only: - description: - - ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. - Defaults to false. - aliases: - - glusterfs_read_only - type: bool - spec_host_path_path: - description: - - Path of the directory on the host. If the path is a symlink, it will follow - the link to the real path. - aliases: - - host_path_path - spec_host_path_type: - description: - - Type for HostPath Volume Defaults to "" - aliases: - - host_path_type - spec_iscsi_chap_auth_discovery: - description: - - whether support iSCSI Discovery CHAP authentication - aliases: - - iscsi_chap_auth_discovery - type: bool - spec_iscsi_chap_auth_session: - description: - - whether support iSCSI Session CHAP authentication - aliases: - - iscsi_chap_auth_session - type: bool - spec_iscsi_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - iscsi_fs_type - spec_iscsi_initiator_name: - description: - - Custom iSCSI initiator name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created - for the connection. - aliases: - - iscsi_initiator_name - spec_iscsi_iqn: - description: - - Target iSCSI Qualified Name. - aliases: - - iscsi_iqn - spec_iscsi_iscsi_interface: - description: - - "Optional: Defaults to 'default' (tcp). iSCSI interface name that uses an iSCSI\ - \ transport." - aliases: - - iscsi_iscsi_interface - spec_iscsi_lun: - description: - - iSCSI target lun number. - aliases: - - iscsi_lun - type: int - spec_iscsi_portals: - description: - - iSCSI target portal List. The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports 860 and 3260). - aliases: - - iscsi_portals - type: list - spec_iscsi_read_only: - description: - - ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. - aliases: - - iscsi_read_only - type: bool - spec_iscsi_secret_ref_name: - description: - - Name of the referent. - aliases: - - iscsi_secret_ref_name - spec_iscsi_target_portal: - description: - - iSCSI target portal. The portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and 3260). - aliases: - - iscsi_target_portal - spec_local_path: - description: - - The full path to the volume on the node For alpha, this path must be a directory - Once block as a source is supported, then this path can point to a block device - aliases: - - local_path - spec_mount_options: - description: - - A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply - fail if one is invalid. - aliases: - - mount_options - type: list - spec_nfs_path: - description: - - Path that is exported by the NFS server. - aliases: - - nfs_path - spec_nfs_read_only: - description: - - ReadOnly here will force the NFS export to be mounted with read-only permissions. - Defaults to false. - aliases: - - nfs_read_only - type: bool - spec_nfs_server: - description: - - Server is the hostname or IP address of the NFS server. - aliases: - - nfs_server - spec_persistent_volume_reclaim_policy: - description: - - What happens to a persistent volume when released from its claim. Valid options - are Retain (default) and Recycle. Recycling must be supported by the volume - plugin underlying this persistent volume. - aliases: - - persistent_volume_reclaim_policy - spec_photon_persistent_disk_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - photon_persistent_disk_fs_type - spec_photon_persistent_disk_pd_id: - description: - - ID that identifies Photon Controller persistent disk - aliases: - - photon_persistent_disk_pd_id - spec_portworx_volume_fs_type: - description: - - FSType represents the filesystem type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - aliases: - - portworx_volume_fs_type - spec_portworx_volume_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - portworx_volume_read_only - type: bool - spec_portworx_volume_volume_id: - description: - - VolumeID uniquely identifies a Portworx volume - aliases: - - portworx_volume_volume_id - spec_quobyte_group: - description: - - Group to map volume access to Default is no group - aliases: - - quobyte_group - spec_quobyte_read_only: - description: - - ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. - aliases: - - quobyte_read_only - type: bool - spec_quobyte_registry: - description: - - Registry represents a single or multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries are separated with commas) which - acts as the central registry for volumes - aliases: - - quobyte_registry - spec_quobyte_user: - description: - - User to map volume access to Defaults to serivceaccount user - aliases: - - quobyte_user - spec_quobyte_volume: - description: - - Volume is a string that references an already created Quobyte volume by name. - aliases: - - quobyte_volume - spec_rbd_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - rbd_fs_type - spec_rbd_image: - description: - - The rados image name. - aliases: - - rbd_image - spec_rbd_keyring: - description: - - Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. - aliases: - - rbd_keyring - spec_rbd_monitors: - description: - - A collection of Ceph monitors. - aliases: - - rbd_monitors - type: list - spec_rbd_pool: - description: - - The rados pool name. Default is rbd. - aliases: - - rbd_pool - spec_rbd_read_only: - description: - - ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. - aliases: - - rbd_read_only - type: bool - spec_rbd_secret_ref_name: - description: - - Name of the referent. - aliases: - - rbd_secret_ref_name - spec_rbd_user: - description: - - The rados user name. Default is admin. - aliases: - - rbd_user - spec_scale_io_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - scale_io_fs_type - spec_scale_io_gateway: - description: - - The host address of the ScaleIO API Gateway. - aliases: - - scale_io_gateway - spec_scale_io_protection_domain: - description: - - The name of the ScaleIO Protection Domain for the configured storage. - aliases: - - scale_io_protection_domain - spec_scale_io_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - scale_io_read_only - type: bool - spec_scale_io_secret_ref_name: - description: - - Name is unique within a namespace to reference a secret resource. - aliases: - - scale_io_secret_ref_name - spec_scale_io_secret_ref_namespace: - description: - - Namespace defines the space within which the secret name must be unique. - aliases: - - scale_io_secret_ref_namespace - spec_scale_io_ssl_enabled: - description: - - Flag to enable/disable SSL communication with Gateway, default false - aliases: - - scale_io_ssl_enabled - type: bool - spec_scale_io_storage_mode: - description: - - Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - aliases: - - scale_io_storage_mode - spec_scale_io_storage_pool: - description: - - The ScaleIO Storage Pool associated with the protection domain. - aliases: - - scale_io_storage_pool - spec_scale_io_system: - description: - - The name of the storage system as configured in ScaleIO. - aliases: - - scale_io_system - spec_scale_io_volume_name: - description: - - The name of a volume already created in the ScaleIO system that is associated - with this volume source. - aliases: - - scale_io_volume_name - spec_storage_class_name: - description: - - Name of StorageClass to which this persistent volume belongs. Empty value means - that this volume does not belong to any StorageClass. - aliases: - - storage_class_name - spec_storageos_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - storageos_fs_type - spec_storageos_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - storageos_read_only - type: bool - spec_storageos_secret_ref_api_version: - description: - - API version of the referent. - aliases: - - storageos_secret_ref_api_version - spec_storageos_secret_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - storageos_secret_ref_field_path - spec_storageos_secret_ref_kind: - description: - - Kind of the referent. - aliases: - - storageos_secret_ref_kind - spec_storageos_secret_ref_name: - description: - - Name of the referent. - aliases: - - storageos_secret_ref_name - spec_storageos_secret_ref_namespace: - description: - - Namespace of the referent. - aliases: - - storageos_secret_ref_namespace - spec_storageos_secret_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - storageos_secret_ref_resource_version - spec_storageos_secret_ref_uid: - description: - - UID of the referent. - aliases: - - storageos_secret_ref_uid - spec_storageos_volume_name: - description: - - VolumeName is the human-readable name of the StorageOS volume. Volume names - are only unique within a namespace. - aliases: - - storageos_volume_name - spec_storageos_volume_namespace: - description: - - VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be used. This allows the Kubernetes - name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set to "default" if you are not - using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS - will be created. - aliases: - - storageos_volume_namespace - spec_vsphere_volume_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - vsphere_volume_fs_type - spec_vsphere_volume_storage_policy_id: - description: - - Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - aliases: - - vsphere_volume_storage_policy_id - spec_vsphere_volume_storage_policy_name: - description: - - Storage Policy Based Management (SPBM) profile name. - aliases: - - vsphere_volume_storage_policy_name - spec_vsphere_volume_volume_path: - description: - - Path that identifies vSphere volume vmdk - aliases: - - vsphere_volume_volume_path - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create persitent volume - k8s_v1_persistent_volume.yml: - name: mypv - state: present - capacity: - storage: 1Gi - access_modes: - - ReadWriteOnce - persistent_volume_reclaim_policy: Recycle - host_path_path: /tmp/test_volume -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines a specification of a persistent volume owned by the cluster. - Provisioned by an administrator. - type: complex - status: - description: - - Status represents the current information/status for the persistent volume. - Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume_claim.py b/library/k8s_v1_persistent_volume_claim.py deleted file mode 100644 index 8e415203..00000000 --- a/library/k8s_v1_persistent_volume_claim.py +++ /dev/null @@ -1,222 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume_claim -short_description: Kubernetes PersistentVolumeClaim -description: -- Manage the lifecycle of a persistent_volume_claim object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_access_modes: - description: - - AccessModes contains the desired access modes the volume should have. - aliases: - - access_modes - type: list - spec_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - resources_limits - type: dict - spec_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - resources_requests - type: dict - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_storage_class_name: - description: - - Name of the StorageClass required by the claim. - aliases: - - storage_class_name - spec_volume_name: - description: - - VolumeName is the binding reference to the PersistentVolume backing this claim. - aliases: - - volume_name - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create persitent volume claim - k8s_v1_persistent_volume_claim.yml: - name: mypvc - namespace: demo_project - state: present - access_modes: - - ReadWriteOnce - resources_requests: - storage: 1Gi -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume_claim: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired characteristics of a volume requested by a pod author. - type: complex - status: - description: - - Status represents the current information/status of a persistent volume claim. - Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume_claim', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume_claim_list.py b/library/k8s_v1_persistent_volume_claim_list.py deleted file mode 100644 index 84934639..00000000 --- a/library/k8s_v1_persistent_volume_claim_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume_claim_list -short_description: Kubernetes PersistentVolumeClaimList -description: -- Retrieve a list of persistent_volume_claims. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume_claim_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of persistent volume claims. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired characteristics of a volume requested by a pod - author. - type: complex - status: - description: - - Status represents the current information/status of a persistent volume - claim. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume_claim_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume_list.py b/library/k8s_v1_persistent_volume_list.py deleted file mode 100644 index 457de3c5..00000000 --- a/library/k8s_v1_persistent_volume_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume_list -short_description: Kubernetes PersistentVolumeList -description: -- Retrieve a list of persistent_volumes. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of persistent volumes. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines a specification of a persistent volume owned by the cluster. - Provisioned by an administrator. - type: complex - status: - description: - - Status represents the current information/status for the persistent volume. - Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod.py b/library/k8s_v1_pod.py deleted file mode 100644 index e2b19d52..00000000 --- a/library/k8s_v1_pod.py +++ /dev/null @@ -1,466 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod -short_description: Kubernetes Pod -description: -- Manage the lifecycle of a pod object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the pod. - type: complex - status: - description: - - Most recently observed status of the pod. This data may not be up to date. - Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod_list.py b/library/k8s_v1_pod_list.py deleted file mode 100644 index 5236efc0..00000000 --- a/library/k8s_v1_pod_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod_list -short_description: Kubernetes PodList -description: -- Retrieve a list of pods. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of pods. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the pod. - type: complex - status: - description: - - Most recently observed status of the pod. This data may not be up to date. - Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod_template.py b/library/k8s_v1_pod_template.py deleted file mode 100644 index 0e367390..00000000 --- a/library/k8s_v1_pod_template.py +++ /dev/null @@ -1,484 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod_template -short_description: Kubernetes PodTemplate -description: -- Manage the lifecycle of a pod_template object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_template: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - template: - description: - - Template defines the pods that will be created from this pod template. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_template', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod_template_list.py b/library/k8s_v1_pod_template_list.py deleted file mode 100644 index 38223dc4..00000000 --- a/library/k8s_v1_pod_template_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod_template_list -short_description: Kubernetes PodTemplateList -description: -- Retrieve a list of pod_templates. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_template_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of pod templates - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - template: - description: - - Template defines the pods that will be created from this pod template. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_template_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_replication_controller.py b/library/k8s_v1_replication_controller.py deleted file mode 100644 index 5e12b183..00000000 --- a/library/k8s_v1_replication_controller.py +++ /dev/null @@ -1,517 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_replication_controller -short_description: Kubernetes ReplicationController -description: -- Manage the lifecycle of a replication_controller object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector: - description: - - Selector is a label query over pods that should match the Replicas count. If - Selector is empty, it is defaulted to the labels present on the Pod template. - Label keys and values that must match in order to be controlled by this replication - controller, if empty defaulted to labels on Pod template. - aliases: - - selector - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replication_controller: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicationController are empty, they are defaulted to - be the same as the Pod(s) that the replication controller manages. Standard - object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the replication - controller. - type: complex - status: - description: - - Status is the most recently observed status of the replication controller. - This data may be out of date by some window of time. Populated by the system. - Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replication_controller', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_replication_controller_list.py b/library/k8s_v1_replication_controller_list.py deleted file mode 100644 index 33af9445..00000000 --- a/library/k8s_v1_replication_controller_list.py +++ /dev/null @@ -1,170 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_replication_controller_list -short_description: Kubernetes ReplicationControllerList -description: -- Retrieve a list of replication_controllers. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replication_controller_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of replication controllers. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicationController are empty, they are defaulted - to be the same as the Pod(s) that the replication controller manages. - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the replication - controller. - type: complex - status: - description: - - Status is the most recently observed status of the replication controller. - This data may be out of date by some window of time. Populated by the - system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replication_controller_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_resource_quota.py b/library/k8s_v1_resource_quota.py deleted file mode 100644 index fcd7bd53..00000000 --- a/library/k8s_v1_resource_quota.py +++ /dev/null @@ -1,179 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_resource_quota -short_description: Kubernetes ResourceQuota -description: -- Manage the lifecycle of a resource_quota object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_hard: - description: - - Hard is the set of desired hard limits for each named resource. - aliases: - - hard - type: dict - spec_scopes: - description: - - A collection of filters that must match each object tracked by a quota. If not - specified, the quota matches all objects. - aliases: - - scopes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -resource_quota: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota. - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('resource_quota', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_resource_quota_list.py b/library/k8s_v1_resource_quota_list.py deleted file mode 100644 index 099ae40b..00000000 --- a/library/k8s_v1_resource_quota_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_resource_quota_list -short_description: Kubernetes ResourceQuotaList -description: -- Retrieve a list of resource_quotas. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -resource_quota_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ResourceQuota objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota. - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('resource_quota_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role.py b/library/k8s_v1_role.py deleted file mode 100644 index 5d65dc65..00000000 --- a/library/k8s_v1_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role -short_description: Kubernetes Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role_binding.py b/library/k8s_v1_role_binding.py deleted file mode 100644 index cade4763..00000000 --- a/library/k8s_v1_role_binding.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role_binding -short_description: Kubernetes RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole in - the global namespace. If the RoleRef cannot be resolved, the Authorizer must - return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role_binding_list.py b/library/k8s_v1_role_binding_list.py deleted file mode 100644 index d00d147a..00000000 --- a/library/k8s_v1_role_binding_list.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role_binding_list -short_description: Kubernetes RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole - in the global namespace. If the RoleRef cannot be resolved, the Authorizer - must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role_list.py b/library/k8s_v1_role_list.py deleted file mode 100644 index 42bf32da..00000000 --- a/library/k8s_v1_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role_list -short_description: Kubernetes RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_scale.py b/library/k8s_v1_scale.py deleted file mode 100644 index f86e4566..00000000 --- a/library/k8s_v1_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_secret.py b/library/k8s_v1_secret.py deleted file mode 100644 index 57c839e2..00000000 --- a/library/k8s_v1_secret.py +++ /dev/null @@ -1,195 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_secret -short_description: Kubernetes Secret -description: -- Manage the lifecycle of a secret object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data: - description: - - Data contains the secret data. Each key must consist of alphanumeric characters, - '-', '_' or '.'. The serialized form of the secret data is a base64 encoded - string, representing the arbitrary (possibly non-string) data value here. Described - in - type: dict - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - string_data: - description: - - stringData allows specifying non-binary secret data in string form. It is provided - as a write-only convenience method. All keys and values are merged into the - data field on write, overwriting any existing values. It is never output when - reading from the API. - type: dict - type: - description: - - Used to facilitate programmatic handling of secret data. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -secret: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data contains the secret data. Each key must consist of alphanumeric characters, - '-', '_' or '.'. The serialized form of the secret data is a base64 encoded - string, representing the arbitrary (possibly non-string) data value here. - Described in - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - string_data: - description: - - stringData allows specifying non-binary secret data in string form. It is - provided as a write-only convenience method. All keys and values are merged - into the data field on write, overwriting any existing values. It is never - output when reading from the API. - type: complex - contains: str, str - type: - description: - - Used to facilitate programmatic handling of secret data. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('secret', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_secret_list.py b/library/k8s_v1_secret_list.py deleted file mode 100644 index 38b12479..00000000 --- a/library/k8s_v1_secret_list.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_secret_list -short_description: Kubernetes SecretList -description: -- Retrieve a list of secrets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -secret_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of secret objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data contains the secret data. Each key must consist of alphanumeric characters, - '-', '_' or '.'. The serialized form of the secret data is a base64 encoded - string, representing the arbitrary (possibly non-string) data value here. - Described in - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - string_data: - description: - - stringData allows specifying non-binary secret data in string form. It - is provided as a write-only convenience method. All keys and values are - merged into the data field on write, overwriting any existing values. - It is never output when reading from the API. - type: complex - contains: str, str - type: - description: - - Used to facilitate programmatic handling of secret data. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('secret_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_self_subject_access_review.py b/library/k8s_v1_self_subject_access_review.py deleted file mode 100644 index 5f3a0a39..00000000 --- a/library/k8s_v1_self_subject_access_review.py +++ /dev/null @@ -1,194 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_self_subject_access_review -short_description: Kubernetes SelfSubjectAccessReview -description: -- Manage the lifecycle of a self_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. user and groups - must be empty - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_access_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_self_subject_rules_review.py b/library/k8s_v1_self_subject_rules_review.py deleted file mode 100644 index db641f62..00000000 --- a/library/k8s_v1_self_subject_rules_review.py +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_self_subject_rules_review -short_description: Kubernetes SelfSubjectRulesReview -description: -- Manage the lifecycle of a self_subject_rules_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_namespace: - description: - - Namespace to evaluate rules for. Required. - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. - type: complex - status: - description: - - Status is filled in by the server and indicates the set of actions a user - can perform. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_rules_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service.py b/library/k8s_v1_service.py deleted file mode 100644 index 50fe5662..00000000 --- a/library/k8s_v1_service.py +++ /dev/null @@ -1,360 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service -short_description: Kubernetes Service -description: -- Manage the lifecycle of a service object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_cluster_ip: - description: - - clusterIP is the IP address of the service and is usually assigned randomly - by the master. If an address is specified manually and is not in use by others, - it will be allocated to the service; otherwise, creation of the service will - fail. This field can not be changed through updates. Valid values are "None", - empty string (""), or a valid IP address. "None" can be specified for headless - services when proxying is not required. Only applies to types ClusterIP, NodePort, - and LoadBalancer. Ignored if type is ExternalName. - aliases: - - cluster_ip - spec_external_i_ps: - description: - - externalIPs is a list of IP addresses for which nodes in the cluster will also - accept traffic for this service. These IPs are not managed by Kubernetes. The - user is responsible for ensuring that traffic arrives at a node with this IP. - A common example is external load-balancers that are not part of the Kubernetes - system. - aliases: - - external_i_ps - type: list - spec_external_name: - description: - - externalName is the external reference that kubedns or equivalent will return - as a CNAME record for this service. No proxying will be involved. Must be a - valid DNS name and requires Type to be ExternalName. - aliases: - - external_name - spec_external_traffic_policy: - description: - - externalTrafficPolicy denotes if this Service desires to route external traffic - to node-local or cluster-wide endpoints. "Local" preserves the client source - IP and avoids a second hop for LoadBalancer and Nodeport type services, but - risks potentially imbalanced traffic spreading. "Cluster" obscures the client - source IP and may cause a second hop to another node, but should have good overall - load-spreading. - aliases: - - external_traffic_policy - spec_health_check_node_port: - description: - - healthCheckNodePort specifies the healthcheck nodePort for the service. If not - specified, HealthCheckNodePort is created by the service api backend with the - allocated nodePort. Will use user-specified nodePort value if specified by the - client. Only effects when Type is set to LoadBalancer and ExternalTrafficPolicy - is set to Local. - aliases: - - health_check_node_port - type: int - spec_load_balancer_ip: - description: - - 'Only applies to Service Type: LoadBalancer LoadBalancer will get created with - the IP specified in this field. This feature depends on whether the underlying - cloud-provider supports specifying the loadBalancerIP when a load balancer is - created. This field will be ignored if the cloud-provider does not support the - feature.' - aliases: - - load_balancer_ip - spec_load_balancer_source_ranges: - description: - - If specified and supported by the platform, this will restrict traffic through - the cloud-provider load-balancer will be restricted to the specified client - IPs. This field will be ignored if the cloud-provider does not support the feature." - aliases: - - load_balancer_source_ranges - type: list - spec_ports: - description: - - The list of ports that are exposed by this service. - aliases: - - ports - type: list - spec_publish_not_ready_addresses: - description: - - publishNotReadyAddresses, when set to true, indicates that DNS implementations - must publish the notReadyAddresses of subsets for the Endpoints associated with - the Service. The default value is false. The primary use case for setting this - field is to use a StatefulSet's Headless Service to propagate SRV records for - its Pods without respect to their readiness for purpose of peer discovery. This - field will replace the service.alpha.kubernetes.io/tolerate-unready-endpoints - when that annotation is deprecated and all clients have been converted to use - this field. - aliases: - - publish_not_ready_addresses - type: bool - spec_selector: - description: - - Route service traffic to pods with label keys and values matching this selector. - If empty or not present, the service is assumed to have an external process - managing its endpoints, which Kubernetes will not modify. Only applies to types - ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. - aliases: - - selector - type: dict - spec_session_affinity: - description: - - Supports "ClientIP" and "None". Used to maintain session affinity. Enable client - IP based session affinity. Must be ClientIP or None. Defaults to None. - aliases: - - session_affinity - spec_session_affinity_config_client_ip_timeout_seconds: - description: - - timeoutSeconds specifies the seconds of ClientIP type session sticky time. The - value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default - value is 10800(for 3 hours). - aliases: - - session_affinity__clientip_timeout_seconds - type: int - spec_type: - description: - - type determines how the Service is exposed. Defaults to ClusterIP. Valid options - are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps - to the specified externalName. "ClusterIP" allocates a cluster-internal IP address - for load-balancing to endpoints. Endpoints are determined by the selector or - if that is not specified, by manual construction of an Endpoints object. If - clusterIP is "None", no virtual IP is allocated and the endpoints are published - as a set of endpoints rather than a stable IP. "NodePort" builds on ClusterIP - and allocates a port on every node which routes to the clusterIP. "LoadBalancer" - builds on NodePort and creates an external load-balancer (if supported in the - current cloud) which routes to the clusterIP. - aliases: - - type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create service - k8s_v1_service.yml: - name: myservice - namespace: k8s-project - state: present - selector: - app: django - ports: - - port: 8765 - target_port: 8000 - name: http-port - type: ClusterIP - -- name: Patch service - k8s_v1_service.yml: - name: myservice - namespace: k8s-project - state: present - selector: - app: django - env: production - ports: - - port: 8765 - target_port: 8010 - name: http-port - - port: 8788 - target_port: 8080 - name: socket-port - type: ClusterIP - -- name: Create service - k8s_v1_service.yml: - name: myservice01 - namespace: k8s-project - state: present - selector: - app_name: service_testing - app_env: production - ports: - - port: 8888 - target_port: 8010 - name: http - type: ClusterIP - -- name: Patch service - k8s_v1_service.yml: - name: myservice01 - namespace: k8s-project - state: present - ports: - - port: 9443 - target_port: 9443 - name: https - - port: 8888 - target_port: 8015 - name: http - -- name: Repace service - k8s_v1_service.yml: - name: myservice01 - namespace: k8s-project - state: replaced - selector: - app_name: web_site - app_env: testing - ports: - - port: 9999 - target_port: 9999 - name: https - - port: 8080 - target_port: 8080 - name: http - type: NodePort -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a service. - type: complex - status: - description: - - Most recently observed status of the service. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service_account.py b/library/k8s_v1_service_account.py deleted file mode 100644 index 6c397c4e..00000000 --- a/library/k8s_v1_service_account.py +++ /dev/null @@ -1,235 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service_account -short_description: Kubernetes ServiceAccount -description: -- Manage the lifecycle of a service_account object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether pods running as this service - account should have an API token automatically mounted. Can be overridden at - the pod level. - type: bool - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_pull_secrets: - description: - - ImagePullSecrets is a list of references to secrets in the same namespace to - use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets - are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets - are only accessed by the kubelet. - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - secrets: - description: - - Secrets is the list of secrets allowed to be used by pods running using this - ServiceAccount. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service_account: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether pods running as this service - account should have an API token automatically mounted. Can be overridden - at the pod level. - type: bool - image_pull_secrets: - description: - - ImagePullSecrets is a list of references to secrets in the same namespace - to use for pulling any images in pods that reference this ServiceAccount. - ImagePullSecrets are distinct from Secrets because Secrets can be mounted - in the pod, but ImagePullSecrets are only accessed by the kubelet. - type: list - contains: - name: - description: - - Name of the referent. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - secrets: - description: - - Secrets is the list of secrets allowed to be used by pods running using this - ServiceAccount. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this - string should contain a valid JSON/Go field access statement, such as - desiredState.manifest.containers[2]. For example, if the object reference - is to a container within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service_account', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service_account_list.py b/library/k8s_v1_service_account_list.py deleted file mode 100644 index ee94c7bc..00000000 --- a/library/k8s_v1_service_account_list.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service_account_list -short_description: Kubernetes ServiceAccountList -description: -- Retrieve a list of service_accounts. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service_account_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ServiceAccounts. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether pods running as this service - account should have an API token automatically mounted. Can be overridden - at the pod level. - type: bool - image_pull_secrets: - description: - - ImagePullSecrets is a list of references to secrets in the same namespace - to use for pulling any images in pods that reference this ServiceAccount. - ImagePullSecrets are distinct from Secrets because Secrets can be mounted - in the pod, but ImagePullSecrets are only accessed by the kubelet. - type: list - contains: - name: - description: - - Name of the referent. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - secrets: - description: - - Secrets is the list of secrets allowed to be used by pods running using - this ServiceAccount. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, - this string should contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For example, if the object - reference is to a container within a pod, this would take on a value - like: "spec.containers{name}" (where "name" refers to the name of - the container that triggered the event) or if no container name is - specified "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way of referencing - a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service_account_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service_list.py b/library/k8s_v1_service_list.py deleted file mode 100644 index 4f09cef2..00000000 --- a/library/k8s_v1_service_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service_list -short_description: Kubernetes ServiceList -description: -- Retrieve a list of services. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of services - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a service. - type: complex - status: - description: - - Most recently observed status of the service. Populated by the system. - Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_status.py b/library/k8s_v1_status.py deleted file mode 100644 index 23e07b74..00000000 --- a/library/k8s_v1_status.py +++ /dev/null @@ -1,184 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_status -short_description: Kubernetes Status -description: -- Manage the lifecycle of a status object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - code: - description: - - Suggested HTTP return code for this status, 0 if not set. - type: int - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - details_causes: - description: - - The Causes array includes more details associated with the StatusReason failure. - Not all StatusReasons may provide detailed causes. - aliases: - - causes - type: list - details_group: - description: - - The group attribute of the resource associated with the status StatusReason. - aliases: - - group - details_kind: - description: - - The kind attribute of the resource associated with the status StatusReason. - On some operations may differ from the requested resource Kind. - aliases: - - kind - details_name: - description: - - The name attribute of the resource associated with the status StatusReason (when - there is a single name which can be described). - aliases: - - name - details_retry_after_seconds: - description: - - If specified, the time in seconds before the operation should be retried. Some - errors may indicate the client must take an alternate action - for those errors - this field may indicate how long to wait before taking the alternate action. - aliases: - - retry_after_seconds - type: int - details_uid: - description: - - UID of the resource. (when there is a single resource which can be described). - aliases: - - uid - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - message: - description: - - A human-readable description of the status of this operation. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - reason: - description: - - A machine-readable description of why this operation is in the "Failure" status. - If this value is empty there is no information available. A Reason clarifies - an HTTP status code but does not override it. - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -status: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - code: - description: - - Suggested HTTP return code for this status, 0 if not set. - type: int - details: - description: - - Extended data associated with the reason. Each reason may define its own extended - details. This field is optional and the data returned is not guaranteed to - conform to any schema except that defined by the reason type. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - message: - description: - - A human-readable description of the status of this operation. - type: str - metadata: - description: - - Standard list metadata. - type: complex - reason: - description: - - A machine-readable description of why this operation is in the "Failure" status. - If this value is empty there is no information available. A Reason clarifies - an HTTP status code but does not override it. - type: str - status: - description: - - 'Status of the operation. One of: "Success" or "Failure".' - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('status', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_storage_class.py b/library/k8s_v1_storage_class.py deleted file mode 100644 index 53bd2356..00000000 --- a/library/k8s_v1_storage_class.py +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_storage_class -short_description: Kubernetes StorageClass -description: -- Manage the lifecycle of a storage_class object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the PVs - will simply fail if one is invalid. - type: list - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: dict - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - provisioner: - description: - - Provisioner indicates the type of the provisioner. - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class: - type: complex - returned: when I(state) = C(present) - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the - PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_storage_class_list.py b/library/k8s_v1_storage_class_list.py deleted file mode 100644 index fe04f2cb..00000000 --- a/library/k8s_v1_storage_class_list.py +++ /dev/null @@ -1,183 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_storage_class_list -short_description: Kubernetes StorageClassList -description: -- Retrieve a list of storage_class. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of StorageClasses - type: list - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of - the PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create - volumes of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_subject_access_review.py b/library/k8s_v1_subject_access_review.py deleted file mode 100644 index fbd98eb4..00000000 --- a/library/k8s_v1_subject_access_review.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_subject_access_review -short_description: Kubernetes SubjectAccessReview -description: -- Manage the lifecycle of a subject_access_review object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_groups: - description: - - Groups is the groups you're testing for. - aliases: - - groups - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Groups", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('subject_access_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_token_review.py b/library/k8s_v1_token_review.py deleted file mode 100644 index 50eec535..00000000 --- a/library/k8s_v1_token_review.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_token_review -short_description: Kubernetes TokenReview -description: -- Manage the lifecycle of a token_review object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_token: - description: - - Token is the opaque bearer token. - aliases: - - token - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -token_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request can be - authenticated. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('token_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role.py b/library/k8s_v1alpha1_cluster_role.py deleted file mode 100644 index 13d15be4..00000000 --- a/library/k8s_v1alpha1_cluster_role.py +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role -short_description: Kubernetes ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the DefaultConvert - works nicely and because the ordering may be different. Since non-resource - URLs are not namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), - but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role_binding.py b/library/k8s_v1alpha1_cluster_role_binding.py deleted file mode 100644 index bba2faba..00000000 --- a/library/k8s_v1alpha1_cluster_role_binding.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role_binding -short_description: Kubernetes ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef - cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role_binding_list.py b/library/k8s_v1alpha1_cluster_role_binding_list.py deleted file mode 100644 index 173e8a4b..00000000 --- a/library/k8s_v1alpha1_cluster_role_binding_list.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role_binding_list -short_description: Kubernetes ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the - RoleRef cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role_list.py b/library/k8s_v1alpha1_cluster_role_list.py deleted file mode 100644 index 3226a42a..00000000 --- a/library/k8s_v1alpha1_cluster_role_list.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role_list -short_description: Kubernetes ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - Since non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_external_admission_hook_configuration.py b/library/k8s_v1alpha1_external_admission_hook_configuration.py deleted file mode 100644 index 92f218ef..00000000 --- a/library/k8s_v1alpha1_external_admission_hook_configuration.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_external_admission_hook_configuration -short_description: Kubernetes ExternalAdmissionHookConfiguration -description: -- Manage the lifecycle of a external_admission_hook_configuration object. Supports - check mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - external_admission_hooks: - description: - - ExternalAdmissionHooks is a list of external admission webhooks and the affected - resources and operations. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -external_admission_hook_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - external_admission_hooks: - description: - - ExternalAdmissionHooks is a list of external admission webhooks and the affected - resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the external admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of the - webhook, and kubernetes.io is the name of the organization. Required. - type: str - rules: - description: - - Rules describes what operations on what resources/subresources the webhook - cares about. The webhook cares about an operation if it matches _any_ - Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - CREATE, - UPDATE, or * for all operations. If '*' is present, the length of - the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('external_admission_hook_configuration', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_external_admission_hook_configuration_list.py b/library/k8s_v1alpha1_external_admission_hook_configuration_list.py deleted file mode 100644 index dc9291f5..00000000 --- a/library/k8s_v1alpha1_external_admission_hook_configuration_list.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_external_admission_hook_configuration_list -short_description: Kubernetes ExternalAdmissionHookConfigurationList -description: -- Retrieve a list of external_admission_hook_configurations. List operations provide - a snapshot read of the underlying objects, returning a resource_version representing - a consistent version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -external_admission_hook_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ExternalAdmissionHookConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - external_admission_hooks: - description: - - ExternalAdmissionHooks is a list of external admission webhooks and the - affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the external admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of - the webhook, and kubernetes.io is the name of the organization. Required. - type: str - rules: - description: - - Rules describes what operations on what resources/subresources the - webhook cares about. The webhook cares about an operation if it matches - _any_ Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - - CREATE, UPDATE, or * for all operations. If '*' is present, the - length of the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('external_admission_hook_configuration_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_initializer_configuration.py b/library/k8s_v1alpha1_initializer_configuration.py deleted file mode 100644 index 85e89f47..00000000 --- a/library/k8s_v1alpha1_initializer_configuration.py +++ /dev/null @@ -1,212 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_initializer_configuration -short_description: Kubernetes InitializerConfiguration -description: -- Manage the lifecycle of a initializer_configuration object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - initializers: - description: - - Initializers is a list of resources and their default initializers Order-sensitive. - When merging multiple InitializerConfigurations, we sort the initializers from - different InitializerConfigurations by the name of the InitializerConfigurations; - the order of the initializers from the same InitializerConfiguration is preserved. - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -initializer_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - initializers: - description: - - Initializers is a list of resources and their default initializers Order-sensitive. - When merging multiple InitializerConfigurations, we sort the initializers - from different InitializerConfigurations by the name of the InitializerConfigurations; - the order of the initializers from the same InitializerConfiguration is preserved. - type: list - contains: - name: - description: - - Name is the identifier of the initializer. It will be added to the object - that needs to be initialized. Name should be fully qualified, e.g., alwayspullimages.kubernetes.io, - where "alwayspullimages" is the name of the webhook, and kubernetes.io - is the name of the organization. Required - type: str - rules: - description: - - Rules describes what resources/subresources the initializer cares about. - The initializer cares about an operation if it matches _any_ Rule. Rule.Resources - must not include subresources. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('initializer_configuration', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_initializer_configuration_list.py b/library/k8s_v1alpha1_initializer_configuration_list.py deleted file mode 100644 index 1e3b1d1d..00000000 --- a/library/k8s_v1alpha1_initializer_configuration_list.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_initializer_configuration_list -short_description: Kubernetes InitializerConfigurationList -description: -- Retrieve a list of initializer_configurations. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -initializer_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of InitializerConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - initializers: - description: - - Initializers is a list of resources and their default initializers Order-sensitive. - When merging multiple InitializerConfigurations, we sort the initializers - from different InitializerConfigurations by the name of the InitializerConfigurations; - the order of the initializers from the same InitializerConfiguration is - preserved. - type: list - contains: - name: - description: - - Name is the identifier of the initializer. It will be added to the - object that needs to be initialized. Name should be fully qualified, - e.g., alwayspullimages.kubernetes.io, where "alwayspullimages" is - the name of the webhook, and kubernetes.io is the name of the organization. - Required - type: str - rules: - description: - - Rules describes what resources/subresources the initializer cares - about. The initializer cares about an operation if it matches _any_ - Rule. Rule.Resources must not include subresources. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('initializer_configuration_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_pod_preset.py b/library/k8s_v1alpha1_pod_preset.py deleted file mode 100644 index 26524fa7..00000000 --- a/library/k8s_v1alpha1_pod_preset.py +++ /dev/null @@ -1,200 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_pod_preset -short_description: Kubernetes PodPreset -description: -- Manage the lifecycle of a pod_preset object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_env: - description: - - Env defines the collection of EnvVar to inject into containers. - aliases: - - env - type: list - spec_env_from: - description: - - EnvFrom defines the collection of EnvFromSource to inject into containers. - aliases: - - env_from - type: list - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_volume_mounts: - description: - - VolumeMounts defines the collection of VolumeMount to inject into containers. - aliases: - - volume_mounts - type: list - spec_volumes: - description: - - Volumes defines the collection of Volume to inject into the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_preset: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_preset', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_pod_preset_list.py b/library/k8s_v1alpha1_pod_preset_list.py deleted file mode 100644 index 871ac61a..00000000 --- a/library/k8s_v1alpha1_pod_preset_list.py +++ /dev/null @@ -1,159 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_pod_preset_list -short_description: Kubernetes PodPresetList -description: -- Retrieve a list of pod_presets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_preset_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: [] - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_preset_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_priority_class.py b/library/k8s_v1alpha1_priority_class.py deleted file mode 100644 index d0ba5d01..00000000 --- a/library/k8s_v1alpha1_priority_class.py +++ /dev/null @@ -1,187 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_priority_class -short_description: Kubernetes PriorityClass -description: -- Manage the lifecycle of a priority_class object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - description: - description: - - description is an arbitrary string that usually provides guidelines on when - this priority class should be used. - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - global_default: - description: - - globalDefault specifies whether this PriorityClass should be considered as the - default priority for pods that do not have any priority class. - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - value: - description: - - The value of this priority class. This is the actual priority that pods receive - when they have the name of this class in their pod spec. - type: int - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -priority_class: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - description: - description: - - description is an arbitrary string that usually provides guidelines on when - this priority class should be used. - type: str - global_default: - description: - - globalDefault specifies whether this PriorityClass should be considered as - the default priority for pods that do not have any priority class. - type: bool - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - value: - description: - - The value of this priority class. This is the actual priority that pods receive - when they have the name of this class in their pod spec. - type: int -''' - - -def main(): - try: - module = KubernetesAnsibleModule('priority_class', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_priority_class_list.py b/library/k8s_v1alpha1_priority_class_list.py deleted file mode 100644 index d46baa5a..00000000 --- a/library/k8s_v1alpha1_priority_class_list.py +++ /dev/null @@ -1,172 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_priority_class_list -short_description: Kubernetes PriorityClassList -description: -- Retrieve a list of priority_class. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -priority_class_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of PriorityClasses - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - description: - description: - - description is an arbitrary string that usually provides guidelines on - when this priority class should be used. - type: str - global_default: - description: - - globalDefault specifies whether this PriorityClass should be considered - as the default priority for pods that do not have any priority class. - type: bool - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - value: - description: - - The value of this priority class. This is the actual priority that pods - receive when they have the name of this class in their pod spec. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('priority_class_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role.py b/library/k8s_v1alpha1_role.py deleted file mode 100644 index 51b8f7f0..00000000 --- a/library/k8s_v1alpha1_role.py +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role -short_description: Kubernetes Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the DefaultConvert - works nicely and because the ordering may be different. Since non-resource - URLs are not namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), - but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role_binding.py b/library/k8s_v1alpha1_role_binding.py deleted file mode 100644 index 0bdd8e34..00000000 --- a/library/k8s_v1alpha1_role_binding.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role_binding -short_description: Kubernetes RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole in - the global namespace. If the RoleRef cannot be resolved, the Authorizer must - return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role_binding_list.py b/library/k8s_v1alpha1_role_binding_list.py deleted file mode 100644 index f15c87b2..00000000 --- a/library/k8s_v1alpha1_role_binding_list.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role_binding_list -short_description: Kubernetes RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole - in the global namespace. If the RoleRef cannot be resolved, the Authorizer - must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role_list.py b/library/k8s_v1alpha1_role_list.py deleted file mode 100644 index f2f1f1a5..00000000 --- a/library/k8s_v1alpha1_role_list.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role_list -short_description: Kubernetes RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - Since non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_api_service.py b/library/k8s_v1beta1_api_service.py deleted file mode 100644 index 3e302bf8..00000000 --- a/library/k8s_v1beta1_api_service.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_api_service -short_description: Kubernetes APIService -description: -- Manage the lifecycle of a api_service object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_ca_bundle: - description: - - CABundle is a PEM encoded CA bundle which will be used to validate an API server's - serving certificate. - aliases: - - ca_bundle - spec_group: - description: - - Group is the API group name this server hosts - aliases: - - group - spec_group_priority_minimum: - description: - - "GroupPriorityMininum is the priority this group should have at least. Higher\ - \ priority means that the group is prefered by clients over lower priority ones.\ - \ Note that other versions of this group might specify even higher GroupPriorityMininum\ - \ values such that the whole group gets a higher priority. The primary sort\ - \ is based on GroupPriorityMinimum, ordered highest number to lowest (20 before\ - \ 10). The secondary sort is based on the alphabetical comparison of the name\ - \ of the object. (v1.bar before v1.foo) We'd recommend something like: *.k8s.io\ - \ (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended\ - \ to be in the 2000s" - aliases: - - group_priority_minimum - type: int - spec_insecure_skip_tls_verify: - description: - - InsecureSkipTLSVerify disables TLS certificate verification when communicating - with this server. This is strongly discouraged. You should use the CABundle - instead. - aliases: - - insecure_skip_tls_verify - type: bool - spec_service_name: - description: - - Name is the name of the service - aliases: - - service_name - spec_service_namespace: - description: - - Namespace is the namespace of the service - aliases: - - service_namespace - spec_version: - description: - - Version is the API version this server hosts. For example, "v1" - aliases: - - version - spec_version_priority: - description: - - VersionPriority controls the ordering of this API version inside of its group. - Must be greater than zero. The primary sort is based on VersionPriority, ordered - highest to lowest (20 before 10). The secondary sort is based on the alphabetical - comparison of the name of the object. (v1.bar before v1.foo) Since it's inside - of a group, the number can be small, probably in the 10s. - aliases: - - version_priority - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -api_service: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec contains information for locating and communicating with a server - type: complex - status: - description: - - Status contains derived information about an API server - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('api_service', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_api_service_list.py b/library/k8s_v1beta1_api_service_list.py deleted file mode 100644 index 2b426717..00000000 --- a/library/k8s_v1beta1_api_service_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_api_service_list -short_description: Kubernetes APIServiceList -description: -- Retrieve a list of api_services. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -api_service_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec contains information for locating and communicating with a server - type: complex - status: - description: - - Status contains derived information about an API server - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('api_service_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_certificate_signing_request.py b/library/k8s_v1beta1_certificate_signing_request.py deleted file mode 100644 index 15a62c89..00000000 --- a/library/k8s_v1beta1_certificate_signing_request.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_certificate_signing_request -short_description: Kubernetes CertificateSigningRequest -description: -- Manage the lifecycle of a certificate_signing_request object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_extra: - description: - - Extra information about the requesting user. See user.Info interface for details. - aliases: - - extra - type: dict - spec_groups: - description: - - Group information about the requesting user. See user.Info interface for details. - aliases: - - groups - type: list - spec_request: - description: - - Base64-encoded PKCS - aliases: - - request - spec_uid: - description: - - UID information about the requesting user. See user.Info interface for details. - aliases: - - uid - spec_usages: - description: - - 'allowedUsages specifies a set of usage contexts the key will be valid for. - See:' - aliases: - - usages - type: list - spec_username: - description: - - Information about the requesting user. See user.Info interface for details. - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -certificate_signing_request: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - The certificate request itself and any additional information. - type: complex - status: - description: - - Derived information about the request. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('certificate_signing_request', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_certificate_signing_request_list.py b/library/k8s_v1beta1_certificate_signing_request_list.py deleted file mode 100644 index 4f93ac9d..00000000 --- a/library/k8s_v1beta1_certificate_signing_request_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_certificate_signing_request_list -short_description: Kubernetes CertificateSigningRequestList -description: -- Retrieve a list of certificate_signing_requests. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -certificate_signing_request_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - The certificate request itself and any additional information. - type: complex - status: - description: - - Derived information about the request. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('certificate_signing_request_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role.py b/library/k8s_v1beta1_cluster_role.py deleted file mode 100644 index 8957ee63..00000000 --- a/library/k8s_v1beta1_cluster_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role -short_description: Kubernetes ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role_binding.py b/library/k8s_v1beta1_cluster_role_binding.py deleted file mode 100644 index d2e14a41..00000000 --- a/library/k8s_v1beta1_cluster_role_binding.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role_binding -short_description: Kubernetes ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef - cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role_binding_list.py b/library/k8s_v1beta1_cluster_role_binding_list.py deleted file mode 100644 index 685c771d..00000000 --- a/library/k8s_v1beta1_cluster_role_binding_list.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role_binding_list -short_description: Kubernetes ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the - RoleRef cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role_list.py b/library/k8s_v1beta1_cluster_role_list.py deleted file mode 100644 index 04b88d28..00000000 --- a/library/k8s_v1beta1_cluster_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role_list -short_description: Kubernetes ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_controller_revision.py b/library/k8s_v1beta1_controller_revision.py deleted file mode 100644 index e90cb2df..00000000 --- a/library/k8s_v1beta1_controller_revision.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_controller_revision -short_description: Kubernetes ControllerRevision -description: -- Manage the lifecycle of a controller_revision object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_controller_revision_list.py b/library/k8s_v1beta1_controller_revision_list.py deleted file mode 100644 index 89534754..00000000 --- a/library/k8s_v1beta1_controller_revision_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_controller_revision_list -short_description: Kubernetes ControllerRevisionList -description: -- Retrieve a list of controller_revisions. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ControllerRevisions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cron_job.py b/library/k8s_v1beta1_cron_job.py deleted file mode 100644 index be509e01..00000000 --- a/library/k8s_v1beta1_cron_job.py +++ /dev/null @@ -1,616 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cron_job -short_description: Kubernetes CronJob -description: -- Manage the lifecycle of a cron_job object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_concurrency_policy: - description: - - Specifies how to treat concurrent executions of a Job. Defaults to Allow. - aliases: - - concurrency_policy - spec_failed_jobs_history_limit: - description: - - The number of failed finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. Defaults to 1. - aliases: - - failed_jobs_history_limit - type: int - spec_job_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - aliases: - - job__metadata_annotations - type: dict - spec_job_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - aliases: - - job__metadata_labels - type: dict - spec_job_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - aliases: - - job__metadata_name - spec_job_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - aliases: - - job__metadata_namespace - spec_job_template_spec_active_deadline_seconds: - description: - - Specifies the duration in seconds relative to the startTime that the job may - be active before the system tries to terminate it; value must be positive integer - aliases: - - job__active_deadline_seconds - type: int - spec_job_template_spec_backoff_limit: - description: - - Specifies the number of retries before marking this job failed. Defaults to - 6 - aliases: - - job__backoff_limit - type: int - spec_job_template_spec_completions: - description: - - Specifies the desired number of successfully finished pods the job should be - run with. Setting to nil means that the success of any pod signals the success - of all pods, and allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that pod signals the - success of the job. - aliases: - - job__completions - type: int - spec_job_template_spec_manual_selector: - description: - - manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` - unset unless you are certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the pod template. - When true, the user is responsible for picking unique labels and specifying - the selector. Failure to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` in jobs that - were created with the old `extensions/v1beta1` API. - aliases: - - job__manual_selector - type: bool - spec_job_template_spec_parallelism: - description: - - Specifies the maximum desired number of pods the job should run at any given - time. The actual number of pods running in steady state will be less than this - number when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - aliases: - - job__parallelism - type: int - spec_job_template_spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - job__selector_match_expressions - type: list - spec_job_template_spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - job__selector_match_labels - type: dict - spec_job_template_spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_job_template_spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_job_template_spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_job_template_spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_job_template_spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - type: int - spec_job_template_spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - ? spec_job_template_spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - : description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - job__affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - job__automount_service_account_token - type: bool - spec_job_template_spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - job__containers - type: list - spec_job_template_spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - job__dns_policy - spec_job_template_spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - job__host_aliases - type: list - spec_job_template_spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - job__host_ipc - type: bool - spec_job_template_spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - job__host_network - type: bool - spec_job_template_spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - job__host_pid - type: bool - spec_job_template_spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - job__hostname - spec_job_template_spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - job__image_pull_secrets - type: list - spec_job_template_spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - job__init_containers - type: list - spec_job_template_spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - job__node_name - spec_job_template_spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - job__node_selector - type: dict - spec_job_template_spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - job__priority - type: int - spec_job_template_spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - job__priority_class_name - spec_job_template_spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - job__restart_policy - spec_job_template_spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - job__scheduler_name - spec_job_template_spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - job__securitycontext_fs_group - type: int - spec_job_template_spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - job__securitycontext_run_as_non_root - type: bool - spec_job_template_spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - job__securitycontext_run_as_user - type: int - spec_job_template_spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_level - spec_job_template_spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_role - spec_job_template_spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_type - spec_job_template_spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_user - spec_job_template_spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - job__securitycontext_supplemental_groups - type: list - spec_job_template_spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - job__service_account - spec_job_template_spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - job__service_account_name - spec_job_template_spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - job__subdomain - spec_job_template_spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - job__termination_grace_period_seconds - type: int - spec_job_template_spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - job__tolerations - type: list - spec_job_template_spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - job__volumes - type: list - spec_schedule: - description: - - The schedule in Cron format, see - aliases: - - schedule - spec_starting_deadline_seconds: - description: - - Optional deadline in seconds for starting the job if it misses scheduled time - for any reason. Missed jobs executions will be counted as failed ones. - aliases: - - starting_deadline_seconds - type: int - spec_successful_jobs_history_limit: - description: - - The number of successful finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. Defaults to 3. - aliases: - - successful_jobs_history_limit - type: int - spec_suspend: - description: - - This flag tells the controller to suspend subsequent executions, it does not - apply to already started executions. Defaults to false. - aliases: - - suspend - type: bool - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cron_job_list.py b/library/k8s_v1beta1_cron_job_list.py deleted file mode 100644 index bf33d8fc..00000000 --- a/library/k8s_v1beta1_cron_job_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cron_job_list -short_description: Kubernetes CronJobList -description: -- Retrieve a list of cron_jobs. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of CronJobs. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_custom_resource_definition.py b/library/k8s_v1beta1_custom_resource_definition.py deleted file mode 100644 index 04e49eca..00000000 --- a/library/k8s_v1beta1_custom_resource_definition.py +++ /dev/null @@ -1,283 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_custom_resource_definition -short_description: Kubernetes CustomResourceDefinition -description: -- Manage the lifecycle of a custom_resource_definition object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_group: - description: - - Group is the group this resource belongs in - aliases: - - group - spec_names_kind: - description: - - Kind is the serialized kind of the resource. It is normally CamelCase and singular. - aliases: - - names_kind - spec_names_list_kind: - description: - - ListKind is the serialized kind of the list for this resource. Defaults to List. - aliases: - - names_list_kind - spec_names_plural: - description: - - 'Plural is the plural name of the resource to serve. It must match the name - of the CustomResourceDefinition-registration too: plural.group and it must be - all lowercase.' - aliases: - - names_plural - spec_names_short_names: - description: - - ShortNames are short names for the resource. It must be all lowercase. - aliases: - - names_short_names - type: list - spec_names_singular: - description: - - Singular is the singular name of the resource. It must be all lowercase Defaults - to lowercased - aliases: - - names_singular - spec_scope: - description: - - Scope indicates whether this resource is cluster or namespace scoped. Default - is namespaced - aliases: - - scope - spec_validation_open_apiv3_schema_additional_items_allows: - aliases: - - validation_open_apiv3_schema_additional_items_allows - type: bool - spec_validation_open_apiv3_schema_additional_properties_allows: - aliases: - - validation_open_apiv3_schema_additional_properties_allows - type: bool - spec_validation_open_apiv3_schema_all_of: - aliases: - - validation_open_apiv3_schema_all_of - type: list - spec_validation_open_apiv3_schema_any_of: - aliases: - - validation_open_apiv3_schema_any_of - type: list - spec_validation_open_apiv3_schema_description: - aliases: - - validation_open_apiv3_schema_description - spec_validation_open_apiv3_schema_enum: - aliases: - - validation_open_apiv3_schema_enum - type: list - spec_validation_open_apiv3_schema_format: - aliases: - - validation_open_apiv3_schema_format - spec_validation_open_apiv3_schema_id: - aliases: - - validation_open_apiv3_schema_id - spec_validation_open_apiv3_schema_max_length: - aliases: - - validation_open_apiv3_schema_max_length - type: int - spec_validation_open_apiv3_schema_max_properties: - aliases: - - validation_open_apiv3_schema_max_properties - type: int - spec_validation_open_apiv3_schema_min_items: - aliases: - - validation_open_apiv3_schema_min_items - type: int - spec_validation_open_apiv3_schema_min_properties: - aliases: - - validation_open_apiv3_schema_min_properties - type: int - spec_validation_open_apiv3_schema_minimum: - aliases: - - validation_open_apiv3_schema_minimum - type: float - spec_validation_open_apiv3_schema_multiple_of: - aliases: - - validation_open_apiv3_schema_multiple_of - type: float - spec_validation_open_apiv3_schema_pattern: - aliases: - - validation_open_apiv3_schema_pattern - spec_validation_open_apiv3_schema_pattern_properties: - aliases: - - validation_open_apiv3_schema_pattern_properties - type: dict - spec_validation_open_apiv3_schema_schema: - aliases: - - validation_open_apiv3_schema_schema - spec_validation_open_apiv3_schema_title: - aliases: - - validation_open_apiv3_schema_title - spec_validation_open_apiv3_schema_type: - aliases: - - validation_open_apiv3_schema_type - spec_validation_open_apiv3_schema_unique_items: - aliases: - - validation_open_apiv3_schema_unique_items - type: bool - spec_version: - description: - - Version is the version this resource belongs in - aliases: - - version - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -custom_resource_definition: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec describes how the user wants the resources to appear - type: complex - status: - description: - - Status indicates the actual state of the CustomResourceDefinition - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('custom_resource_definition', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_custom_resource_definition_list.py b/library/k8s_v1beta1_custom_resource_definition_list.py deleted file mode 100644 index 05ea978d..00000000 --- a/library/k8s_v1beta1_custom_resource_definition_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_custom_resource_definition_list -short_description: Kubernetes CustomResourceDefinitionList -description: -- Retrieve a list of custom_resource_definitions. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -custom_resource_definition_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items individual CustomResourceDefinitions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec describes how the user wants the resources to appear - type: complex - status: - description: - - Status indicates the actual state of the CustomResourceDefinition - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('custom_resource_definition_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_daemon_set.py b/library/k8s_v1beta1_daemon_set.py deleted file mode 100644 index 00dda966..00000000 --- a/library/k8s_v1beta1_daemon_set.py +++ /dev/null @@ -1,549 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_daemon_set -short_description: Kubernetes DaemonSet -description: -- Manage the lifecycle of a daemon_set object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - The minimum number of seconds for which a newly created DaemonSet pod should - be ready without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready). - aliases: - - min_ready_seconds - type: int - spec_revision_history_limit: - description: - - The number of old history to retain to allow rollback. This is a pointer to - distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_generation: - description: - - DEPRECATED. A sequence number representing a specific generation of the template. - Populated by the system. It can be set only during the creation. - aliases: - - template_generation - type: int - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of DaemonSet pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet - pods at the start of the update (ex: 10%). Absolute number is calculated from - percentage by rounding up. This cannot be 0. Default value is 1. Example: when - this is set to 30%, at most 30% of the total number of nodes that should be - running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods - stopped for an update at any given time. The update starts by stopping at most - 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. - Once the new pods are available, it then proceeds onto other DaemonSet pods, - thus ensuring that at least 70% of original number of DaemonSet pods are available - at all times during the update.' - aliases: - - update_strategy_rolling_update_max_unavailable - type: object - spec_update_strategy_type: - description: - - Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is - OnDelete. - aliases: - - update_strategy_type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by some - window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_daemon_set_list.py b/library/k8s_v1beta1_daemon_set_list.py deleted file mode 100644 index c10a1b44..00000000 --- a/library/k8s_v1beta1_daemon_set_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_daemon_set_list -short_description: Kubernetes DaemonSetList -description: -- Retrieve a list of daemon_sets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of daemon sets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by - some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_eviction.py b/library/k8s_v1beta1_eviction.py deleted file mode 100644 index 173f181e..00000000 --- a/library/k8s_v1beta1_eviction.py +++ /dev/null @@ -1,182 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_eviction -short_description: Kubernetes Eviction -description: -- Manage the lifecycle of a eviction object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - delete_options_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - delete_options_grace_period_seconds: - description: - - The duration in seconds before the object should be deleted. Value must be non-negative - integer. The value zero indicates delete immediately. If this value is nil, - the default grace period for the specified type will be used. Defaults to a - per object value if not specified. zero means delete immediately. - aliases: - - grace_period_seconds - type: int - delete_options_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - delete_options_orphan_dependents: - description: - - "Deprecated: please use the PropagationPolicy, this field will be deprecated\ - \ in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\"\ - \ finalizer will be added to/removed from the object's finalizers list. Either\ - \ this field or PropagationPolicy may be set, but not both." - aliases: - - orphan_dependents - type: bool - delete_options_preconditions_uid: - description: - - Specifies the target UID. - aliases: - - uid - delete_options_propagation_policy: - description: - - Whether and how garbage collection will be performed. Either this field or OrphanDependents - may be set, but not both. The default policy is decided by the existing finalizer - set in the metadata.finalizers and the resource-specific default policy. - aliases: - - propagation_policy - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -eviction: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - delete_options: - description: - - DeleteOptions may be provided - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - ObjectMeta describes the pod that is being evicted. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('eviction', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_ingress.py b/library/k8s_v1beta1_ingress.py deleted file mode 100644 index 5692f319..00000000 --- a/library/k8s_v1beta1_ingress.py +++ /dev/null @@ -1,193 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_ingress -short_description: Kubernetes Ingress -description: -- Manage the lifecycle of a ingress object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_backend_service_name: - description: - - Specifies the name of the referenced service. - aliases: - - backend_service_name - spec_backend_service_port: - description: - - Specifies the port of the referenced service. - aliases: - - backend_service_port - type: object - spec_rules: - description: - - A list of host rules used to configure the Ingress. If unspecified, or no rule - matches, all traffic is sent to the default backend. - aliases: - - rules - type: list - spec_tls: - description: - - TLS configuration. Currently the Ingress only supports a single TLS port, 443. - If multiple members of this list specify different hosts, they will be multiplexed - on the same port according to the hostname specified through the SNI TLS extension, - if the ingress controller fulfilling the ingress supports SNI. - aliases: - - tls - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -ingress: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec is the desired state of the Ingress. - type: complex - status: - description: - - Status is the current state of the Ingress. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('ingress', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_ingress_list.py b/library/k8s_v1beta1_ingress_list.py deleted file mode 100644 index e2a420c6..00000000 --- a/library/k8s_v1beta1_ingress_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_ingress_list -short_description: Kubernetes IngressList -description: -- Retrieve a list of ingress. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -ingress_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Ingress. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec is the desired state of the Ingress. - type: complex - status: - description: - - Status is the current state of the Ingress. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('ingress_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_local_subject_access_review.py b/library/k8s_v1beta1_local_subject_access_review.py deleted file mode 100644 index 28a3079f..00000000 --- a/library/k8s_v1beta1_local_subject_access_review.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_local_subject_access_review -short_description: Kubernetes LocalSubjectAccessReview -description: -- Manage the lifecycle of a local_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_group: - description: - - Groups is the groups you're testing for. - aliases: - - group - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Group", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -local_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. spec.namespace must - be equal to the namespace you made the request against. If empty, it is defaulted. - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('local_subject_access_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_network_policy.py b/library/k8s_v1beta1_network_policy.py deleted file mode 100644 index 6ed55a1a..00000000 --- a/library/k8s_v1beta1_network_policy.py +++ /dev/null @@ -1,216 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_network_policy -short_description: Kubernetes NetworkPolicy -description: -- Manage the lifecycle of a network_policy object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_egress: - description: - - List of egress rules to be applied to the selected pods. Outgoing traffic is - allowed if there are no NetworkPolicies selecting the pod (and cluster policy - otherwise allows the traffic), OR if the traffic matches at least one egress - rule across all of the NetworkPolicy objects whose podSelector matches the pod. - If this field is empty then this NetworkPolicy limits all outgoing traffic (and - serves solely to ensure that the pods it selects are isolated by default). This - field is beta-level in 1.8 - aliases: - - egress - type: list - spec_ingress: - description: - - List of ingress rules to be applied to the selected pods. Traffic is allowed - to a pod if there are no NetworkPolicies selecting the pod OR if the traffic - source is the pod's local node, OR if the traffic matches at least one ingress - rule across all of the NetworkPolicy objects whose podSelector matches the pod. - If this field is empty then this NetworkPolicy does not allow any traffic (and - serves solely to ensure that the pods it selects are isolated by default). - aliases: - - ingress - type: list - spec_pod_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - pod_selector_match_expressions - type: list - spec_pod_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - pod_selector_match_labels - type: dict - spec_policy_types: - description: - - List of rule types that the NetworkPolicy relates to. Valid options are Ingress, - Egress, or Ingress,Egress. If this field is not specified, it will default based - on the existence of Ingress or Egress rules; policies that contain an Egress - section are assumed to affect Egress, and all policies (whether or not they - contain an Ingress section) are assumed to affect Ingress. If you want to write - an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. - Likewise, if you want to write a policy that specifies that no egress is allowed, - you must specify a policyTypes value that include "Egress" (since such a policy - would not include an Egress section and would otherwise default to just [ "Ingress" - ]). This field is beta-level in 1.8 - aliases: - - policy_types - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_network_policy_list.py b/library/k8s_v1beta1_network_policy_list.py deleted file mode 100644 index a9d7cc21..00000000 --- a/library/k8s_v1beta1_network_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_network_policy_list -short_description: Kubernetes NetworkPolicyList -description: -- Retrieve a list of network_policys. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_disruption_budget.py b/library/k8s_v1beta1_pod_disruption_budget.py deleted file mode 100644 index 692b3fa4..00000000 --- a/library/k8s_v1beta1_pod_disruption_budget.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_disruption_budget -short_description: Kubernetes PodDisruptionBudget -description: -- Manage the lifecycle of a pod_disruption_budget object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_max_unavailable: - description: - - An eviction is allowed if at most "maxUnavailable" pods selected by "selector" - are unavailable after the eviction, i.e. even in absence of the evicted pod. - For example, one can prevent all voluntary evictions by specifying 0. This is - a mutually exclusive setting with "minAvailable". - aliases: - - max_unavailable - type: object - spec_min_available: - description: - - An eviction is allowed if at least "minAvailable" pods selected by "selector" - will still be available after the eviction, i.e. even in the absence of the - evicted pod. So for example you can prevent all voluntary evictions by specifying - "100%". - aliases: - - min_available - type: object - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_disruption_budget: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Specification of the desired behavior of the PodDisruptionBudget. - type: complex - status: - description: - - Most recently observed status of the PodDisruptionBudget. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_disruption_budget', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_disruption_budget_list.py b/library/k8s_v1beta1_pod_disruption_budget_list.py deleted file mode 100644 index 3bf838e1..00000000 --- a/library/k8s_v1beta1_pod_disruption_budget_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_disruption_budget_list -short_description: Kubernetes PodDisruptionBudgetList -description: -- Retrieve a list of pod_disruption_budgets. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_disruption_budget_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Specification of the desired behavior of the PodDisruptionBudget. - type: complex - status: - description: - - Most recently observed status of the PodDisruptionBudget. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_disruption_budget_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_security_policy.py b/library/k8s_v1beta1_pod_security_policy.py deleted file mode 100644 index 74a396b9..00000000 --- a/library/k8s_v1beta1_pod_security_policy.py +++ /dev/null @@ -1,317 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_security_policy -short_description: Kubernetes PodSecurityPolicy -description: -- Manage the lifecycle of a pod_security_policy object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_allow_privilege_escalation: - description: - - AllowPrivilegeEscalation determines if a pod can request to allow privilege - escalation. If unspecified, defaults to true. - aliases: - - allow_privilege_escalation - type: bool - spec_allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to add to - the container. Capabilities in this field may be added at the pod author's discretion. - You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. - aliases: - - allowed_capabilities - type: list - spec_allowed_host_paths: - description: - - is a white list of allowed host paths. Empty indicates that all host paths may - be used. - aliases: - - allowed_host_paths - type: list - spec_default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be added - to the container unless the pod spec specifically drops the capability. You - may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - aliases: - - default_add_capabilities - type: list - spec_default_allow_privilege_escalation: - description: - - DefaultAllowPrivilegeEscalation controls the default setting for whether a process - can gain more privileges than its parent process. - aliases: - - default_allow_privilege_escalation - type: bool - spec_fs_group_ranges: - description: - - Ranges are the allowed ranges of fs groups. If you would like to force a single - fs group then supply a single range with the same start and end. - aliases: - - fs_group_ranges - type: list - spec_fs_group_rule: - description: - - Rule is the strategy that will dictate what FSGroup is used in the SecurityContext. - aliases: - - fs_group_rule - spec_host_ipc: - description: - - hostIPC determines if the policy allows the use of HostIPC in the pod spec. - aliases: - - host_ipc - type: bool - spec_host_network: - description: - - hostNetwork determines if the policy allows the use of HostNetwork in the pod - spec. - aliases: - - host_network - type: bool - spec_host_pid: - description: - - hostPID determines if the policy allows the use of HostPID in the pod spec. - aliases: - - host_pid - type: bool - spec_host_ports: - description: - - hostPorts determines which host port ranges are allowed to be exposed. - aliases: - - host_ports - type: list - spec_privileged: - description: - - privileged determines if a pod can request to be run as privileged. - aliases: - - privileged - type: bool - spec_read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with a - read only root file system. If the container specifically requests to run with - a non-read only root file system the PSP should deny the pod. If set to false - the container may run with a read only root file system if it wishes but it - will not be forced to. - aliases: - - read_only_root_filesystem - type: bool - spec_required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from the - container. These are required to be dropped and cannot be added. - aliases: - - required_drop_capabilities - type: list - spec_run_as_user_ranges: - description: - - Ranges are the allowed ranges of uids that may be used. - aliases: - - run_as_user_ranges - type: list - spec_run_as_user_rule: - description: - - Rule is the strategy that will dictate the allowable RunAsUser values that may - be set. - aliases: - - run_as_user_rule - spec_se_linux_rule: - description: - - type is the strategy that will dictate the allowable labels that may be set. - aliases: - - se_linux_rule - spec_se_linux_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - se_linux_se_options_level - spec_se_linux_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - se_linux_se_options_role - spec_se_linux_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - se_linux_se_options_type - spec_se_linux_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - se_linux_se_options_user - spec_supplemental_groups_ranges: - description: - - Ranges are the allowed ranges of supplemental groups. If you would like to force - a single supplemental group then supply a single range with the same start and - end. - aliases: - - supplemental_groups_ranges - type: list - spec_supplemental_groups_rule: - description: - - Rule is the strategy that will dictate what supplemental groups is used in the - SecurityContext. - aliases: - - supplemental_groups_rule - spec_volumes: - description: - - volumes is a white list of allowed volume plugins. Empty indicates that all - plugins may be used. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec defines the policy enforced. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_security_policy', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_security_policy_list.py b/library/k8s_v1beta1_pod_security_policy_list.py deleted file mode 100644 index 206e7c26..00000000 --- a/library/k8s_v1beta1_pod_security_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_security_policy_list -short_description: Kubernetes PodSecurityPolicyList -description: -- Retrieve a list of pod_security_policys. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec defines the policy enforced. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_security_policy_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_replica_set.py b/library/k8s_v1beta1_replica_set.py deleted file mode 100644 index d8bac220..00000000 --- a/library/k8s_v1beta1_replica_set.py +++ /dev/null @@ -1,532 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_replica_set -short_description: Kubernetes ReplicaSet -description: -- Manage the lifecycle of a replica_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create replica set - k8s_v1beta1_replica_set.yml: - name: myreplicaset - namespace: test - state: present - replicas: 3 - spec_template_metadata_labels: - name: myreplicaset - containers: - - name: myreplicaset - image: openshift/origin-ruby-sample:v1.0 -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the same - as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data may - be out of date by some window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_replica_set_list.py b/library/k8s_v1beta1_replica_set_list.py deleted file mode 100644 index 959d0fda..00000000 --- a/library/k8s_v1beta1_replica_set_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_replica_set_list -short_description: Kubernetes ReplicaSetList -description: -- Retrieve a list of replica_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ReplicaSets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the - same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data - may be out of date by some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role.py b/library/k8s_v1beta1_role.py deleted file mode 100644 index 816ba514..00000000 --- a/library/k8s_v1beta1_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role -short_description: Kubernetes Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role_binding.py b/library/k8s_v1beta1_role_binding.py deleted file mode 100644 index f2d67b67..00000000 --- a/library/k8s_v1beta1_role_binding.py +++ /dev/null @@ -1,219 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role_binding -short_description: Kubernetes RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create role binding - k8s_v1beta1_role_binding.yml: - name: edit - namespace: test - state: present - role_ref_kind: Role - role_ref_name: edit - subjects: - - kind: ServiceAccount - name: magico - namespace: test -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole in - the global namespace. If the RoleRef cannot be resolved, the Authorizer must - return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role_binding_list.py b/library/k8s_v1beta1_role_binding_list.py deleted file mode 100644 index 7407edf5..00000000 --- a/library/k8s_v1beta1_role_binding_list.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role_binding_list -short_description: Kubernetes RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole - in the global namespace. If the RoleRef cannot be resolved, the Authorizer - must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role_list.py b/library/k8s_v1beta1_role_list.py deleted file mode 100644 index fefd69f4..00000000 --- a/library/k8s_v1beta1_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role_list -short_description: Kubernetes RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_self_subject_access_review.py b/library/k8s_v1beta1_self_subject_access_review.py deleted file mode 100644 index 2d818f45..00000000 --- a/library/k8s_v1beta1_self_subject_access_review.py +++ /dev/null @@ -1,194 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_self_subject_access_review -short_description: Kubernetes SelfSubjectAccessReview -description: -- Manage the lifecycle of a self_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. user and groups - must be empty - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_access_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_self_subject_rules_review.py b/library/k8s_v1beta1_self_subject_rules_review.py deleted file mode 100644 index 01f92105..00000000 --- a/library/k8s_v1beta1_self_subject_rules_review.py +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_self_subject_rules_review -short_description: Kubernetes SelfSubjectRulesReview -description: -- Manage the lifecycle of a self_subject_rules_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_namespace: - description: - - Namespace to evaluate rules for. Required. - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. - type: complex - status: - description: - - Status is filled in by the server and indicates the set of actions a user - can perform. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_rules_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_stateful_set.py b/library/k8s_v1beta1_stateful_set.py deleted file mode 100644 index 0785c5a1..00000000 --- a/library/k8s_v1beta1_stateful_set.py +++ /dev/null @@ -1,579 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_stateful_set -short_description: Kubernetes StatefulSet -description: -- Manage the lifecycle of a stateful_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_pod_management_policy: - description: - - podManagementPolicy controls how pods are created during initial scale up, when - replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, - where pods are created in increasing order (pod-0, then pod-1, etc) and the - controller will wait until each pod is ready before continuing. When scaling - down, the pods are removed in the opposite order. The alternative policy is - `Parallel` which will create pods in parallel to match the desired scale without - waiting, and on scale down will delete all pods at once. - aliases: - - pod_management_policy - spec_replicas: - description: - - replicas is the desired number of replicas of the given Template. These are - replicas in the sense that they are instantiations of the same Template, but - individual replicas also have a consistent identity. If unspecified, defaults - to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - revisionHistoryLimit is the maximum number of revisions that will be maintained - in the StatefulSet's revision history. The revision history consists of all - revisions not represented by a currently applied StatefulSetSpec version. The - default value is 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_service_name: - description: - - 'serviceName is the name of the service that governs this StatefulSet. This - service must exist before the StatefulSet, and is responsible for the network - identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local - where "pod-specific-string" is managed by the StatefulSet controller.' - aliases: - - service_name - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_partition: - description: - - Partition indicates the ordinal at which the StatefulSet should be partitioned. - aliases: - - update_strategy_rolling_update_partition - type: int - spec_update_strategy_type: - description: - - Type indicates the type of the StatefulSetUpdateStrategy. - aliases: - - update_strategy_type - spec_volume_claim_templates: - description: - - volumeClaimTemplates is a list of claims that pods are allowed to reference. - The StatefulSet controller is responsible for mapping network identities to - claims in a way that maintains the identity of a pod. Every claim in this list - must have at least one matching (by name) volumeMount in one container in the - template. A claim in this list takes precedence over any volumes in the template, - with the same name. - aliases: - - volume_claim_templates - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create stateful set - k8s_v1beta1_stateful_set.yml: - name: test - labels: - name: test - namespace: test - state: present - service_name: test - replicas: 3 - spec_template_metadata_labels: - name: test - spec_template_metadata_name: test - termination_grace_period_seconds: 10 - containers: - - name: test - image: openshift/origin-ruby-sample:v1.0 -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may be - out of date by some window of time. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_stateful_set_list.py b/library/k8s_v1beta1_stateful_set_list.py deleted file mode 100644 index f0aa3af3..00000000 --- a/library/k8s_v1beta1_stateful_set_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_stateful_set_list -short_description: Kubernetes StatefulSetList -description: -- Retrieve a list of stateful_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may - be out of date by some window of time. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_storage_class.py b/library/k8s_v1beta1_storage_class.py deleted file mode 100644 index 01c093f2..00000000 --- a/library/k8s_v1beta1_storage_class.py +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_storage_class -short_description: Kubernetes StorageClass -description: -- Manage the lifecycle of a storage_class object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the PVs - will simply fail if one is invalid. - type: list - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: dict - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - provisioner: - description: - - Provisioner indicates the type of the provisioner. - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class: - type: complex - returned: when I(state) = C(present) - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the - PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_storage_class_list.py b/library/k8s_v1beta1_storage_class_list.py deleted file mode 100644 index 259b495c..00000000 --- a/library/k8s_v1beta1_storage_class_list.py +++ /dev/null @@ -1,183 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_storage_class_list -short_description: Kubernetes StorageClassList -description: -- Retrieve a list of storage_class. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of StorageClasses - type: list - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of - the PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create - volumes of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_subject_access_review.py b/library/k8s_v1beta1_subject_access_review.py deleted file mode 100644 index e26889ad..00000000 --- a/library/k8s_v1beta1_subject_access_review.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_subject_access_review -short_description: Kubernetes SubjectAccessReview -description: -- Manage the lifecycle of a subject_access_review object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_group: - description: - - Groups is the groups you're testing for. - aliases: - - group - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Group", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('subject_access_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_token_review.py b/library/k8s_v1beta1_token_review.py deleted file mode 100644 index 794dcba2..00000000 --- a/library/k8s_v1beta1_token_review.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_token_review -short_description: Kubernetes TokenReview -description: -- Manage the lifecycle of a token_review object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_token: - description: - - Token is the opaque bearer token. - aliases: - - token - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -token_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request can be - authenticated. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('token_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_controller_revision.py b/library/k8s_v1beta2_controller_revision.py deleted file mode 100644 index 5f9a3560..00000000 --- a/library/k8s_v1beta2_controller_revision.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_controller_revision -short_description: Kubernetes ControllerRevision -description: -- Manage the lifecycle of a controller_revision object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_controller_revision_list.py b/library/k8s_v1beta2_controller_revision_list.py deleted file mode 100644 index 19f8c941..00000000 --- a/library/k8s_v1beta2_controller_revision_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_controller_revision_list -short_description: Kubernetes ControllerRevisionList -description: -- Retrieve a list of controller_revisions. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ControllerRevisions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_daemon_set.py b/library/k8s_v1beta2_daemon_set.py deleted file mode 100644 index 91b547ee..00000000 --- a/library/k8s_v1beta2_daemon_set.py +++ /dev/null @@ -1,542 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_daemon_set -short_description: Kubernetes DaemonSet -description: -- Manage the lifecycle of a daemon_set object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - The minimum number of seconds for which a newly created DaemonSet pod should - be ready without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready). - aliases: - - min_ready_seconds - type: int - spec_revision_history_limit: - description: - - The number of old history to retain to allow rollback. This is a pointer to - distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of DaemonSet pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet - pods at the start of the update (ex: 10%). Absolute number is calculated from - percentage by rounding up. This cannot be 0. Default value is 1. Example: when - this is set to 30%, at most 30% of the total number of nodes that should be - running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods - stopped for an update at any given time. The update starts by stopping at most - 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. - Once the new pods are available, it then proceeds onto other DaemonSet pods, - thus ensuring that at least 70% of original number of DaemonSet pods are available - at all times during the update.' - aliases: - - update_strategy_rolling_update_max_unavailable - type: object - spec_update_strategy_type: - description: - - Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is - RollingUpdate. - aliases: - - update_strategy_type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by some - window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_daemon_set_list.py b/library/k8s_v1beta2_daemon_set_list.py deleted file mode 100644 index 335b89b5..00000000 --- a/library/k8s_v1beta2_daemon_set_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_daemon_set_list -short_description: Kubernetes DaemonSetList -description: -- Retrieve a list of daemon_sets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of daemon sets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by - some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_deployment.py b/library/k8s_v1beta2_deployment.py deleted file mode 100644 index 23377d37..00000000 --- a/library/k8s_v1beta2_deployment.py +++ /dev/null @@ -1,574 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_deployment -short_description: Kubernetes Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_rolling_update_max_surge: - description: - - 'The maximum number of pods that can be scheduled above the desired number of - pods. Value can be an absolute number (ex: 5) or a percentage of desired pods - (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. Defaults to 25%. Example: when this is set to - 30%, the new RC can be scaled up immediately when the rolling update starts, - such that the total number of old and new pods do not exceed 130% of desired - pods. Once old pods have been killed, new RC can be scaled up further, ensuring - that total number of pods running at any time during the update is atmost 130% - of desired pods.' - aliases: - - strategy_rolling_update_max_surge - type: object - spec_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of pods that can be unavailable during the update. Value - can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. This can not - be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the - old RC can be scaled down to 70% of desired pods immediately when the rolling - update starts. Once new pods are ready, old RC can be scaled down further, followed - by scaling up the new RC, ensuring that the total number of pods available at - all times during the update is at least 70% of desired pods.' - aliases: - - strategy_rolling_update_max_unavailable - type: object - spec_strategy_type: - description: - - Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_deployment_list.py b/library/k8s_v1beta2_deployment_list.py deleted file mode 100644 index ca0ba133..00000000 --- a/library/k8s_v1beta2_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_deployment_list -short_description: Kubernetes DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_replica_set.py b/library/k8s_v1beta2_replica_set.py deleted file mode 100644 index 218b0259..00000000 --- a/library/k8s_v1beta2_replica_set.py +++ /dev/null @@ -1,521 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_replica_set -short_description: Kubernetes ReplicaSet -description: -- Manage the lifecycle of a replica_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the same - as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data may - be out of date by some window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_replica_set_list.py b/library/k8s_v1beta2_replica_set_list.py deleted file mode 100644 index b1a4b9b1..00000000 --- a/library/k8s_v1beta2_replica_set_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_replica_set_list -short_description: Kubernetes ReplicaSetList -description: -- Retrieve a list of replica_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ReplicaSets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the - same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data - may be out of date by some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_scale.py b/library/k8s_v1beta2_scale.py deleted file mode 100644 index 60cee6d1..00000000 --- a/library/k8s_v1beta2_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_stateful_set.py b/library/k8s_v1beta2_stateful_set.py deleted file mode 100644 index d912a1bd..00000000 --- a/library/k8s_v1beta2_stateful_set.py +++ /dev/null @@ -1,564 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_stateful_set -short_description: Kubernetes StatefulSet -description: -- Manage the lifecycle of a stateful_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_pod_management_policy: - description: - - podManagementPolicy controls how pods are created during initial scale up, when - replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, - where pods are created in increasing order (pod-0, then pod-1, etc) and the - controller will wait until each pod is ready before continuing. When scaling - down, the pods are removed in the opposite order. The alternative policy is - `Parallel` which will create pods in parallel to match the desired scale without - waiting, and on scale down will delete all pods at once. - aliases: - - pod_management_policy - spec_replicas: - description: - - replicas is the desired number of replicas of the given Template. These are - replicas in the sense that they are instantiations of the same Template, but - individual replicas also have a consistent identity. If unspecified, defaults - to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - revisionHistoryLimit is the maximum number of revisions that will be maintained - in the StatefulSet's revision history. The revision history consists of all - revisions not represented by a currently applied StatefulSetSpec version. The - default value is 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_service_name: - description: - - 'serviceName is the name of the service that governs this StatefulSet. This - service must exist before the StatefulSet, and is responsible for the network - identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local - where "pod-specific-string" is managed by the StatefulSet controller.' - aliases: - - service_name - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_partition: - description: - - Partition indicates the ordinal at which the StatefulSet should be partitioned. - Default value is 0. - aliases: - - update_strategy_rolling_update_partition - type: int - spec_update_strategy_type: - description: - - Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. - aliases: - - update_strategy_type - spec_volume_claim_templates: - description: - - volumeClaimTemplates is a list of claims that pods are allowed to reference. - The StatefulSet controller is responsible for mapping network identities to - claims in a way that maintains the identity of a pod. Every claim in this list - must have at least one matching (by name) volumeMount in one container in the - template. A claim in this list takes precedence over any volumes in the template, - with the same name. - aliases: - - volume_claim_templates - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may be - out of date by some window of time. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_stateful_set_list.py b/library/k8s_v1beta2_stateful_set_list.py deleted file mode 100644 index 41fde551..00000000 --- a/library/k8s_v1beta2_stateful_set_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_stateful_set_list -short_description: Kubernetes StatefulSetList -description: -- Retrieve a list of stateful_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may - be out of date by some window of time. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2alpha1_cron_job.py b/library/k8s_v2alpha1_cron_job.py deleted file mode 100644 index d0aa8819..00000000 --- a/library/k8s_v2alpha1_cron_job.py +++ /dev/null @@ -1,616 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2alpha1_cron_job -short_description: Kubernetes CronJob -description: -- Manage the lifecycle of a cron_job object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_concurrency_policy: - description: - - Specifies how to treat concurrent executions of a Job. Defaults to Allow. - aliases: - - concurrency_policy - spec_failed_jobs_history_limit: - description: - - The number of failed finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. - aliases: - - failed_jobs_history_limit - type: int - spec_job_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - aliases: - - job__metadata_annotations - type: dict - spec_job_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - aliases: - - job__metadata_labels - type: dict - spec_job_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - aliases: - - job__metadata_name - spec_job_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - aliases: - - job__metadata_namespace - spec_job_template_spec_active_deadline_seconds: - description: - - Specifies the duration in seconds relative to the startTime that the job may - be active before the system tries to terminate it; value must be positive integer - aliases: - - job__active_deadline_seconds - type: int - spec_job_template_spec_backoff_limit: - description: - - Specifies the number of retries before marking this job failed. Defaults to - 6 - aliases: - - job__backoff_limit - type: int - spec_job_template_spec_completions: - description: - - Specifies the desired number of successfully finished pods the job should be - run with. Setting to nil means that the success of any pod signals the success - of all pods, and allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that pod signals the - success of the job. - aliases: - - job__completions - type: int - spec_job_template_spec_manual_selector: - description: - - manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` - unset unless you are certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the pod template. - When true, the user is responsible for picking unique labels and specifying - the selector. Failure to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` in jobs that - were created with the old `extensions/v1beta1` API. - aliases: - - job__manual_selector - type: bool - spec_job_template_spec_parallelism: - description: - - Specifies the maximum desired number of pods the job should run at any given - time. The actual number of pods running in steady state will be less than this - number when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - aliases: - - job__parallelism - type: int - spec_job_template_spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - job__selector_match_expressions - type: list - spec_job_template_spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - job__selector_match_labels - type: dict - spec_job_template_spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_job_template_spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_job_template_spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_job_template_spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_job_template_spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - type: int - spec_job_template_spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - ? spec_job_template_spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - : description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - job__affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - job__automount_service_account_token - type: bool - spec_job_template_spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - job__containers - type: list - spec_job_template_spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - job__dns_policy - spec_job_template_spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - job__host_aliases - type: list - spec_job_template_spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - job__host_ipc - type: bool - spec_job_template_spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - job__host_network - type: bool - spec_job_template_spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - job__host_pid - type: bool - spec_job_template_spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - job__hostname - spec_job_template_spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - job__image_pull_secrets - type: list - spec_job_template_spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - job__init_containers - type: list - spec_job_template_spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - job__node_name - spec_job_template_spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - job__node_selector - type: dict - spec_job_template_spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - job__priority - type: int - spec_job_template_spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - job__priority_class_name - spec_job_template_spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - job__restart_policy - spec_job_template_spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - job__scheduler_name - spec_job_template_spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - job__securitycontext_fs_group - type: int - spec_job_template_spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - job__securitycontext_run_as_non_root - type: bool - spec_job_template_spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - job__securitycontext_run_as_user - type: int - spec_job_template_spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_level - spec_job_template_spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_role - spec_job_template_spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_type - spec_job_template_spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_user - spec_job_template_spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - job__securitycontext_supplemental_groups - type: list - spec_job_template_spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - job__service_account - spec_job_template_spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - job__service_account_name - spec_job_template_spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - job__subdomain - spec_job_template_spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - job__termination_grace_period_seconds - type: int - spec_job_template_spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - job__tolerations - type: list - spec_job_template_spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - job__volumes - type: list - spec_schedule: - description: - - The schedule in Cron format, see - aliases: - - schedule - spec_starting_deadline_seconds: - description: - - Optional deadline in seconds for starting the job if it misses scheduled time - for any reason. Missed jobs executions will be counted as failed ones. - aliases: - - starting_deadline_seconds - type: int - spec_successful_jobs_history_limit: - description: - - The number of successful finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. - aliases: - - successful_jobs_history_limit - type: int - spec_suspend: - description: - - This flag tells the controller to suspend subsequent executions, it does not - apply to already started executions. Defaults to false. - aliases: - - suspend - type: bool - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job', 'v2alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2alpha1_cron_job_list.py b/library/k8s_v2alpha1_cron_job_list.py deleted file mode 100644 index d6e96c49..00000000 --- a/library/k8s_v2alpha1_cron_job_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2alpha1_cron_job_list -short_description: Kubernetes CronJobList -description: -- Retrieve a list of cron_jobs. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of CronJobs. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job_list', 'v2alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2beta1_horizontal_pod_autoscaler.py b/library/k8s_v2beta1_horizontal_pod_autoscaler.py deleted file mode 100644 index 76eb1b7f..00000000 --- a/library/k8s_v2beta1_horizontal_pod_autoscaler.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2beta1_horizontal_pod_autoscaler -short_description: Kubernetes HorizontalPodAutoscaler -description: -- Manage the lifecycle of a horizontal_pod_autoscaler object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_max_replicas: - description: - - maxReplicas is the upper limit for the number of replicas to which the autoscaler - can scale up. It cannot be less that minReplicas. - aliases: - - max_replicas - type: int - spec_metrics: - description: - - metrics contains the specifications for which to use to calculate the desired - replica count (the maximum replica count across all metrics will be used). The - desired replica count is calculated multiplying the ratio between the target - value and the current value by the current number of pods. Ergo, metrics used - must decrease as the pod count is increased, and vice-versa. See the individual - metric source types for more information about how each type of metric must - respond. - aliases: - - metrics - type: list - spec_min_replicas: - description: - - minReplicas is the lower limit for the number of replicas to which the autoscaler - can scale down. It defaults to 1 pod. - aliases: - - min_replicas - type: int - spec_scale_target_ref_api_version: - description: - - API version of the referent - aliases: - - scale_target_ref_api_version - spec_scale_target_ref_kind: - description: - - Kind of the referent; - aliases: - - scale_target_ref_kind - spec_scale_target_ref_name: - description: - - Name of the referent; - aliases: - - scale_target_ref_name - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata is the standard object metadata. - type: complex - spec: - description: - - spec is the specification for the behaviour of the autoscaler. - type: complex - status: - description: - - status is the current information about the autoscaler. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler', 'v2beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2beta1_horizontal_pod_autoscaler_list.py b/library/k8s_v2beta1_horizontal_pod_autoscaler_list.py deleted file mode 100644 index 2e881512..00000000 --- a/library/k8s_v2beta1_horizontal_pod_autoscaler_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2beta1_horizontal_pod_autoscaler_list -short_description: Kubernetes HorizontalPodAutoscalerList -description: -- Retrieve a list of horizontal_pod_autoscalers. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of horizontal pod autoscaler objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - metadata is the standard object metadata. - type: complex - spec: - description: - - spec is the specification for the behaviour of the autoscaler. - type: complex - status: - description: - - status is the current information about the autoscaler. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata is the standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler_list', 'v2beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_applied_cluster_resource_quota.py b/library/openshift_v1_applied_cluster_resource_quota.py deleted file mode 100644 index b2c792fc..00000000 --- a/library/openshift_v1_applied_cluster_resource_quota.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_applied_cluster_resource_quota -short_description: OpenShift AppliedClusterResourceQuota -description: -- Manage the lifecycle of a applied_cluster_resource_quota object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_quota_hard: - description: - - Hard is the set of desired hard limits for each named resource. - aliases: - - quota_hard - type: dict - spec_quota_scopes: - description: - - A collection of filters that must match each object tracked by a quota. If not - specified, the quota matches all objects. - aliases: - - quota_scopes - type: list - spec_selector_annotations: - description: - - AnnotationSelector is used to select projects by annotation. - aliases: - - selector_annotations - type: dict - spec_selector_labels_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_labels_match_expressions - type: list - spec_selector_labels_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_labels_match_labels - type: dict - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -applied_cluster_resource_quota: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('applied_cluster_resource_quota', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_applied_cluster_resource_quota_list.py b/library/openshift_v1_applied_cluster_resource_quota_list.py deleted file mode 100644 index 83f325e9..00000000 --- a/library/openshift_v1_applied_cluster_resource_quota_list.py +++ /dev/null @@ -1,141 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_applied_cluster_resource_quota_list -short_description: OpenShift AppliedClusterResourceQuotaList -description: -- Retrieve a list of applied_cluster_resource_quotas. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -applied_cluster_resource_quota_list: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of AppliedClusterResourceQuota - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('applied_cluster_resource_quota_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_broker_template_instance.py b/library/openshift_v1_broker_template_instance.py deleted file mode 100644 index 202d1e1f..00000000 --- a/library/openshift_v1_broker_template_instance.py +++ /dev/null @@ -1,251 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_broker_template_instance -short_description: OpenShift BrokerTemplateInstance -description: -- Manage the lifecycle of a broker_template_instance object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_binding_i_ds: - description: - - bindingids is a list of 'binding_id's provided during successive bind calls - to the template service broker. - aliases: - - binding_i_ds - type: list - spec_secret_api_version: - description: - - API version of the referent. - aliases: - - secret_api_version - spec_secret_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - secret_field_path - spec_secret_kind: - description: - - Kind of the referent. - aliases: - - secret_kind - spec_secret_name: - description: - - Name of the referent. - aliases: - - secret_name - spec_secret_namespace: - description: - - Namespace of the referent. - aliases: - - secret_namespace - spec_secret_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - secret_resource_version - spec_secret_uid: - description: - - UID of the referent. - aliases: - - secret_uid - spec_template_instance_api_version: - description: - - API version of the referent. - aliases: - - _instance_api_version - spec_template_instance_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - _instance_field_path - spec_template_instance_kind: - description: - - Kind of the referent. - aliases: - - _instance_kind - spec_template_instance_name: - description: - - Name of the referent. - aliases: - - _instance_name - spec_template_instance_namespace: - description: - - Namespace of the referent. - aliases: - - _instance_namespace - spec_template_instance_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - _instance_resource_version - spec_template_instance_uid: - description: - - UID of the referent. - aliases: - - _instance_uid - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -broker_template_instance: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the state of this BrokerTemplateInstance. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('broker_template_instance', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_broker_template_instance_list.py b/library/openshift_v1_broker_template_instance_list.py deleted file mode 100644 index df296714..00000000 --- a/library/openshift_v1_broker_template_instance_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_broker_template_instance_list -short_description: OpenShift BrokerTemplateInstanceList -description: -- Retrieve a list of broker_template_instances. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -broker_template_instance_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of BrokerTemplateInstances - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the state of this BrokerTemplateInstance. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('broker_template_instance_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build.py b/library/openshift_v1_build.py deleted file mode 100644 index d77dbcdf..00000000 --- a/library/openshift_v1_build.py +++ /dev/null @@ -1,673 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build -short_description: OpenShift Build -description: -- Manage the lifecycle of a build object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_completion_deadline_seconds: - description: - - completionDeadlineSeconds is an optional duration in seconds, counted from the - time when a build pod gets scheduled in the system, that the build may be active - on a node before the system actively tries to terminate the build; value must - be positive integer - aliases: - - completion_deadline_seconds - type: int - spec_node_selector: - description: - - nodeSelector is a selector which must be true for the build pod to fit on a - node If nil, it can be overridden by default build nodeselector values for the - cluster. If set to an empty map or a map with any values, default build nodeselector - values are ignored. - aliases: - - node_selector - type: dict - spec_output_image_labels: - description: - - imageLabels define a list of labels that are applied to the resulting image. - If there are multiple labels with the same name then the last one in the list - is used. - aliases: - - output_image_labels - type: list - spec_output_push_secret_name: - description: - - Name of the referent. - aliases: - - output_push_secret_name - spec_output_to_api_version: - description: - - API version of the referent. - aliases: - - output_to_api_version - spec_output_to_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - output_to_field_path - spec_output_to_kind: - description: - - Kind of the referent. - aliases: - - output_to_kind - spec_output_to_name: - description: - - Name of the referent. - aliases: - - output_to_name - spec_output_to_namespace: - description: - - Namespace of the referent. - aliases: - - output_to_namespace - spec_output_to_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - output_to_resource_version - spec_output_to_uid: - description: - - UID of the referent. - aliases: - - output_to_uid - spec_post_commit_args: - description: - - args is a list of arguments that are provided to either Command, Script or the - Docker image's default entrypoint. The arguments are placed immediately after - the command to be run. - aliases: - - post_commit_args - type: list - spec_post_commit_command: - description: - - command is the command to run. It may not be specified with Script. This might - be needed if the image doesn't have `/bin/sh`, or if you do not want to use - a shell. In all other cases, using Script might be more convenient. - aliases: - - post_commit_command - type: list - spec_post_commit_script: - description: - - script is a shell script to be run with `/bin/sh -ic`. It may not be specified - with Command. Use Script when a shell script is appropriate to execute the post - build hook, for example for running unit tests with `rake test`. If you need - control over the image entrypoint, or if the image does not have `/bin/sh`, - use Command and/or Args. The `-i` flag is needed to support CentOS and RHEL - images that use Software Collections (SCL), in order to have the appropriate - collections enabled in the shell. E.g., in the Ruby image, this is necessary - to make `ruby`, `bundle` and other binaries available in the PATH. - aliases: - - post_commit_script - spec_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - resources_limits - type: dict - spec_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - resources_requests - type: dict - spec_revision_git_author_email: - description: - - email of the source control user - aliases: - - revision_git_author_email - spec_revision_git_author_name: - description: - - name of the source control user - aliases: - - revision_git_author_name - spec_revision_git_commit: - description: - - commit is the commit hash identifying a specific commit - aliases: - - revision_git_commit - spec_revision_git_committer_email: - description: - - email of the source control user - aliases: - - revision_git_committer_email - spec_revision_git_committer_name: - description: - - name of the source control user - aliases: - - revision_git_committer_name - spec_revision_git_message: - description: - - message is the description of a specific commit - aliases: - - revision_git_message - spec_revision_type: - description: - - type of the build source, may be one of 'Source', 'Dockerfile', 'Binary', or - 'Images' - aliases: - - revision_type - spec_service_account: - description: - - serviceAccount is the name of the ServiceAccount to use to run the pod created - by this build. The pod will be allowed to use secrets referenced by the ServiceAccount - aliases: - - service_account - spec_source_binary_as_file: - description: - - asFile indicates that the provided binary input should be considered a single - file within the build input. For example, specifying "webapp.war" would place - the provided binary as `/webapp.war` for the builder. If left empty, the Docker - and Source build strategies assume this file is a zip, tar, or tar.gz file and - extract it as the source. The custom strategy receives this binary as standard - input. This filename may not contain slashes or be '..' or '.'. - aliases: - - source_binary_as_file - spec_source_context_dir: - description: - - contextDir specifies the sub-directory where the source code for the application - exists. This allows to have buildable sources in directory other than root of - repository. - aliases: - - source_context_dir - spec_source_dockerfile: - description: - - dockerfile is the raw contents of a Dockerfile which should be built. When this - option is specified, the FROM may be modified based on your strategy base image - and additional ENV stanzas from your strategy environment will be added after - the FROM, but before the rest of your Dockerfile stanzas. The Dockerfile source - type may be used with other options like git - in those cases the Git repo will - have any innate Dockerfile replaced in the context dir. - aliases: - - source_dockerfile - spec_source_git_http_proxy: - description: - - httpProxy is a proxy used to reach the git repository over http - aliases: - - source_git_http_proxy - spec_source_git_https_proxy: - description: - - httpsProxy is a proxy used to reach the git repository over https - aliases: - - source_git_https_proxy - spec_source_git_no_proxy: - description: - - noProxy is the list of domains for which the proxy should not be used - aliases: - - source_git_no_proxy - spec_source_git_ref: - description: - - ref is the branch/tag/ref to build. - aliases: - - source_git_ref - spec_source_git_uri: - description: - - uri points to the source that will be built. The structure of the source will - depend on the type of build to run - aliases: - - source_git_uri - spec_source_images: - description: - - images describes a set of images to be used to provide source for the build - aliases: - - source_images - type: list - spec_source_secrets: - description: - - secrets represents a list of secrets and their destinations that will be used - only for the build. - aliases: - - source_secrets - type: list - spec_source_source_secret_name: - description: - - Name of the referent. - aliases: - - source_secret_name - spec_source_type: - description: - - type of build input to accept - aliases: - - source_type - spec_strategy_custom_strategy_build_api_version: - description: - - buildAPIVersion is the requested API version for the Build object serialized - and passed to the custom builder - aliases: - - strategy_custom_strategy_build_api_version - spec_strategy_custom_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_custom_strategy_env - type: list - spec_strategy_custom_strategy_expose_docker_socket: - description: - - exposeDockerSocket will allow running Docker commands (and build Docker images) - from inside the Docker container. - aliases: - - strategy_custom_strategy_expose_docker_socket - type: bool - spec_strategy_custom_strategy_force_pull: - description: - - forcePull describes if the controller should configure the build pod to always - pull the images for the builder or only pull if it is not present locally - aliases: - - strategy_custom_strategy_force_pull - type: bool - spec_strategy_custom_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_custom_strategy_from_api_version - spec_strategy_custom_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_custom_strategy_from_field_path - spec_strategy_custom_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_custom_strategy_from_kind - spec_strategy_custom_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_from_name - spec_strategy_custom_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_custom_strategy_from_namespace - spec_strategy_custom_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_custom_strategy_from_resource_version - spec_strategy_custom_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_custom_strategy_from_uid - spec_strategy_custom_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_pull_secret_name - spec_strategy_custom_strategy_secrets: - description: - - secrets is a list of additional secrets that will be included in the build pod - aliases: - - strategy_custom_strategy_secrets - type: list - spec_strategy_docker_strategy_build_args: - description: - - buildArgs contains build arguments that will be resolved in the Dockerfile. - See - aliases: - - strategy_docker_strategy_build_args - type: list - spec_strategy_docker_strategy_dockerfile_path: - description: - - dockerfilePath is the path of the Dockerfile that will be used to build the - Docker image, relative to the root of the context (contextDir). - aliases: - - strategy_docker_strategy_dockerfile_path - spec_strategy_docker_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_docker_strategy_env - type: list - spec_strategy_docker_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_docker_strategy_force_pull - type: bool - spec_strategy_docker_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_docker_strategy_from_api_version - spec_strategy_docker_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_docker_strategy_from_field_path - spec_strategy_docker_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_docker_strategy_from_kind - spec_strategy_docker_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_from_name - spec_strategy_docker_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_docker_strategy_from_namespace - spec_strategy_docker_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_docker_strategy_from_resource_version - spec_strategy_docker_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_docker_strategy_from_uid - spec_strategy_docker_strategy_image_optimization_policy: - description: - - imageOptimizationPolicy describes what optimizations the system can use when - building images to reduce the final size or time spent building the image. The - default policy is 'None' which means the final build image will be equivalent - to an image created by the Docker build API. The experimental policy 'SkipLayers' - will avoid commiting new layers in between each image step, and will fail if - the Dockerfile cannot provide compatibility with the 'None' policy. An additional - experimental policy 'SkipLayersAndWarn' is the same as 'SkipLayers' but simply - warns if compatibility cannot be preserved. - aliases: - - strategy_docker_strategy_image_optimization_policy - spec_strategy_docker_strategy_no_cache: - description: - - noCache if set to true indicates that the docker build must be executed with - the --no-cache=true flag - aliases: - - strategy_docker_strategy_no_cache - type: bool - spec_strategy_docker_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_pull_secret_name - spec_strategy_jenkins_pipeline_strategy_env: - description: - - env contains additional environment variables you want to pass into a build - pipeline. - aliases: - - strategy_jenkins_pipeline_strategy_env - type: list - spec_strategy_jenkins_pipeline_strategy_jenkinsfile: - description: - - Jenkinsfile defines the optional raw contents of a Jenkinsfile which defines - a Jenkins pipeline build. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile - spec_strategy_jenkins_pipeline_strategy_jenkinsfile_path: - description: - - JenkinsfilePath is the optional path of the Jenkinsfile that will be used to - configure the pipeline relative to the root of the context (contextDir). If - both JenkinsfilePath & Jenkinsfile are both not specified, this defaults to - Jenkinsfile in the root of the specified contextDir. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile_path - spec_strategy_source_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_source_strategy_env - type: list - spec_strategy_source_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_source_strategy_force_pull - type: bool - spec_strategy_source_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_source_strategy_from_api_version - spec_strategy_source_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_source_strategy_from_field_path - spec_strategy_source_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_source_strategy_from_kind - spec_strategy_source_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_from_name - spec_strategy_source_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_source_strategy_from_namespace - spec_strategy_source_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_source_strategy_from_resource_version - spec_strategy_source_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_source_strategy_from_uid - spec_strategy_source_strategy_incremental: - description: - - incremental flag forces the Source build to do incremental builds if true. - aliases: - - strategy_source_strategy_incremental - type: bool - spec_strategy_source_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_pull_secret_name - spec_strategy_source_strategy_scripts: - description: - - scripts is the location of Source scripts - aliases: - - strategy_source_strategy_scripts - spec_strategy_type: - description: - - type is the kind of build strategy. - aliases: - - strategy_type - spec_triggered_by: - description: - - triggeredBy describes which triggers started the most recent update to the build - configuration and contains information about those triggers. - aliases: - - triggered_by - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec is all the inputs used to execute the build. - type: complex - status: - description: - - status is the current status of the build. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_config.py b/library/openshift_v1_build_config.py deleted file mode 100644 index 8696ec21..00000000 --- a/library/openshift_v1_build_config.py +++ /dev/null @@ -1,696 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_config -short_description: OpenShift BuildConfig -description: -- Manage the lifecycle of a build_config object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_completion_deadline_seconds: - description: - - completionDeadlineSeconds is an optional duration in seconds, counted from the - time when a build pod gets scheduled in the system, that the build may be active - on a node before the system actively tries to terminate the build; value must - be positive integer - aliases: - - completion_deadline_seconds - type: int - spec_failed_builds_history_limit: - description: - - failedBuildsHistoryLimit is the number of old failed builds to retain. If not - specified, all failed builds are retained. - aliases: - - failed_builds_history_limit - type: int - spec_node_selector: - description: - - nodeSelector is a selector which must be true for the build pod to fit on a - node If nil, it can be overridden by default build nodeselector values for the - cluster. If set to an empty map or a map with any values, default build nodeselector - values are ignored. - aliases: - - node_selector - type: dict - spec_output_image_labels: - description: - - imageLabels define a list of labels that are applied to the resulting image. - If there are multiple labels with the same name then the last one in the list - is used. - aliases: - - output_image_labels - type: list - spec_output_push_secret_name: - description: - - Name of the referent. - aliases: - - output_push_secret_name - spec_output_to_api_version: - description: - - API version of the referent. - aliases: - - output_to_api_version - spec_output_to_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - output_to_field_path - spec_output_to_kind: - description: - - Kind of the referent. - aliases: - - output_to_kind - spec_output_to_name: - description: - - Name of the referent. - aliases: - - output_to_name - spec_output_to_namespace: - description: - - Namespace of the referent. - aliases: - - output_to_namespace - spec_output_to_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - output_to_resource_version - spec_output_to_uid: - description: - - UID of the referent. - aliases: - - output_to_uid - spec_post_commit_args: - description: - - args is a list of arguments that are provided to either Command, Script or the - Docker image's default entrypoint. The arguments are placed immediately after - the command to be run. - aliases: - - post_commit_args - type: list - spec_post_commit_command: - description: - - command is the command to run. It may not be specified with Script. This might - be needed if the image doesn't have `/bin/sh`, or if you do not want to use - a shell. In all other cases, using Script might be more convenient. - aliases: - - post_commit_command - type: list - spec_post_commit_script: - description: - - script is a shell script to be run with `/bin/sh -ic`. It may not be specified - with Command. Use Script when a shell script is appropriate to execute the post - build hook, for example for running unit tests with `rake test`. If you need - control over the image entrypoint, or if the image does not have `/bin/sh`, - use Command and/or Args. The `-i` flag is needed to support CentOS and RHEL - images that use Software Collections (SCL), in order to have the appropriate - collections enabled in the shell. E.g., in the Ruby image, this is necessary - to make `ruby`, `bundle` and other binaries available in the PATH. - aliases: - - post_commit_script - spec_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - resources_limits - type: dict - spec_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - resources_requests - type: dict - spec_revision_git_author_email: - description: - - email of the source control user - aliases: - - revision_git_author_email - spec_revision_git_author_name: - description: - - name of the source control user - aliases: - - revision_git_author_name - spec_revision_git_commit: - description: - - commit is the commit hash identifying a specific commit - aliases: - - revision_git_commit - spec_revision_git_committer_email: - description: - - email of the source control user - aliases: - - revision_git_committer_email - spec_revision_git_committer_name: - description: - - name of the source control user - aliases: - - revision_git_committer_name - spec_revision_git_message: - description: - - message is the description of a specific commit - aliases: - - revision_git_message - spec_revision_type: - description: - - type of the build source, may be one of 'Source', 'Dockerfile', 'Binary', or - 'Images' - aliases: - - revision_type - spec_run_policy: - description: - - RunPolicy describes how the new build created from this build configuration - will be scheduled for execution. This is optional, if not specified we default - to "Serial". - aliases: - - run_policy - spec_service_account: - description: - - serviceAccount is the name of the ServiceAccount to use to run the pod created - by this build. The pod will be allowed to use secrets referenced by the ServiceAccount - aliases: - - service_account - spec_source_binary_as_file: - description: - - asFile indicates that the provided binary input should be considered a single - file within the build input. For example, specifying "webapp.war" would place - the provided binary as `/webapp.war` for the builder. If left empty, the Docker - and Source build strategies assume this file is a zip, tar, or tar.gz file and - extract it as the source. The custom strategy receives this binary as standard - input. This filename may not contain slashes or be '..' or '.'. - aliases: - - source_binary_as_file - spec_source_context_dir: - description: - - contextDir specifies the sub-directory where the source code for the application - exists. This allows to have buildable sources in directory other than root of - repository. - aliases: - - source_context_dir - spec_source_dockerfile: - description: - - dockerfile is the raw contents of a Dockerfile which should be built. When this - option is specified, the FROM may be modified based on your strategy base image - and additional ENV stanzas from your strategy environment will be added after - the FROM, but before the rest of your Dockerfile stanzas. The Dockerfile source - type may be used with other options like git - in those cases the Git repo will - have any innate Dockerfile replaced in the context dir. - aliases: - - source_dockerfile - spec_source_git_http_proxy: - description: - - httpProxy is a proxy used to reach the git repository over http - aliases: - - source_git_http_proxy - spec_source_git_https_proxy: - description: - - httpsProxy is a proxy used to reach the git repository over https - aliases: - - source_git_https_proxy - spec_source_git_no_proxy: - description: - - noProxy is the list of domains for which the proxy should not be used - aliases: - - source_git_no_proxy - spec_source_git_ref: - description: - - ref is the branch/tag/ref to build. - aliases: - - source_git_ref - spec_source_git_uri: - description: - - uri points to the source that will be built. The structure of the source will - depend on the type of build to run - aliases: - - source_git_uri - spec_source_images: - description: - - images describes a set of images to be used to provide source for the build - aliases: - - source_images - type: list - spec_source_secrets: - description: - - secrets represents a list of secrets and their destinations that will be used - only for the build. - aliases: - - source_secrets - type: list - spec_source_source_secret_name: - description: - - Name of the referent. - aliases: - - source_secret_name - spec_source_type: - description: - - type of build input to accept - aliases: - - source_type - spec_strategy_custom_strategy_build_api_version: - description: - - buildAPIVersion is the requested API version for the Build object serialized - and passed to the custom builder - aliases: - - strategy_custom_strategy_build_api_version - spec_strategy_custom_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_custom_strategy_env - type: list - spec_strategy_custom_strategy_expose_docker_socket: - description: - - exposeDockerSocket will allow running Docker commands (and build Docker images) - from inside the Docker container. - aliases: - - strategy_custom_strategy_expose_docker_socket - type: bool - spec_strategy_custom_strategy_force_pull: - description: - - forcePull describes if the controller should configure the build pod to always - pull the images for the builder or only pull if it is not present locally - aliases: - - strategy_custom_strategy_force_pull - type: bool - spec_strategy_custom_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_custom_strategy_from_api_version - spec_strategy_custom_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_custom_strategy_from_field_path - spec_strategy_custom_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_custom_strategy_from_kind - spec_strategy_custom_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_from_name - spec_strategy_custom_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_custom_strategy_from_namespace - spec_strategy_custom_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_custom_strategy_from_resource_version - spec_strategy_custom_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_custom_strategy_from_uid - spec_strategy_custom_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_pull_secret_name - spec_strategy_custom_strategy_secrets: - description: - - secrets is a list of additional secrets that will be included in the build pod - aliases: - - strategy_custom_strategy_secrets - type: list - spec_strategy_docker_strategy_build_args: - description: - - buildArgs contains build arguments that will be resolved in the Dockerfile. - See - aliases: - - strategy_docker_strategy_build_args - type: list - spec_strategy_docker_strategy_dockerfile_path: - description: - - dockerfilePath is the path of the Dockerfile that will be used to build the - Docker image, relative to the root of the context (contextDir). - aliases: - - strategy_docker_strategy_dockerfile_path - spec_strategy_docker_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_docker_strategy_env - type: list - spec_strategy_docker_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_docker_strategy_force_pull - type: bool - spec_strategy_docker_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_docker_strategy_from_api_version - spec_strategy_docker_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_docker_strategy_from_field_path - spec_strategy_docker_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_docker_strategy_from_kind - spec_strategy_docker_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_from_name - spec_strategy_docker_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_docker_strategy_from_namespace - spec_strategy_docker_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_docker_strategy_from_resource_version - spec_strategy_docker_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_docker_strategy_from_uid - spec_strategy_docker_strategy_image_optimization_policy: - description: - - imageOptimizationPolicy describes what optimizations the system can use when - building images to reduce the final size or time spent building the image. The - default policy is 'None' which means the final build image will be equivalent - to an image created by the Docker build API. The experimental policy 'SkipLayers' - will avoid commiting new layers in between each image step, and will fail if - the Dockerfile cannot provide compatibility with the 'None' policy. An additional - experimental policy 'SkipLayersAndWarn' is the same as 'SkipLayers' but simply - warns if compatibility cannot be preserved. - aliases: - - strategy_docker_strategy_image_optimization_policy - spec_strategy_docker_strategy_no_cache: - description: - - noCache if set to true indicates that the docker build must be executed with - the --no-cache=true flag - aliases: - - strategy_docker_strategy_no_cache - type: bool - spec_strategy_docker_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_pull_secret_name - spec_strategy_jenkins_pipeline_strategy_env: - description: - - env contains additional environment variables you want to pass into a build - pipeline. - aliases: - - strategy_jenkins_pipeline_strategy_env - type: list - spec_strategy_jenkins_pipeline_strategy_jenkinsfile: - description: - - Jenkinsfile defines the optional raw contents of a Jenkinsfile which defines - a Jenkins pipeline build. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile - spec_strategy_jenkins_pipeline_strategy_jenkinsfile_path: - description: - - JenkinsfilePath is the optional path of the Jenkinsfile that will be used to - configure the pipeline relative to the root of the context (contextDir). If - both JenkinsfilePath & Jenkinsfile are both not specified, this defaults to - Jenkinsfile in the root of the specified contextDir. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile_path - spec_strategy_source_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_source_strategy_env - type: list - spec_strategy_source_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_source_strategy_force_pull - type: bool - spec_strategy_source_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_source_strategy_from_api_version - spec_strategy_source_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_source_strategy_from_field_path - spec_strategy_source_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_source_strategy_from_kind - spec_strategy_source_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_from_name - spec_strategy_source_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_source_strategy_from_namespace - spec_strategy_source_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_source_strategy_from_resource_version - spec_strategy_source_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_source_strategy_from_uid - spec_strategy_source_strategy_incremental: - description: - - incremental flag forces the Source build to do incremental builds if true. - aliases: - - strategy_source_strategy_incremental - type: bool - spec_strategy_source_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_pull_secret_name - spec_strategy_source_strategy_scripts: - description: - - scripts is the location of Source scripts - aliases: - - strategy_source_strategy_scripts - spec_strategy_type: - description: - - type is the kind of build strategy. - aliases: - - strategy_type - spec_successful_builds_history_limit: - description: - - successfulBuildsHistoryLimit is the number of old successful builds to retain. - If not specified, all successful builds are retained. - aliases: - - successful_builds_history_limit - type: int - spec_triggers: - description: - - triggers determine how new Builds can be launched from a BuildConfig. If no - triggers are defined, a new build can only occur as a result of an explicit - client build creation. - aliases: - - triggers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_config: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildConfig. - type: complex - spec: - description: - - spec holds all the input necessary to produce a new build, and the conditions - when to trigger them. - type: complex - status: - description: - - status holds any relevant information about a build config - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_config', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_config_list.py b/library/openshift_v1_build_config_list.py deleted file mode 100644 index 104910e8..00000000 --- a/library/openshift_v1_build_config_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_config_list -short_description: OpenShift BuildConfigList -description: -- Retrieve a list of build_configs. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_config_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of build configs - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildConfig. - type: complex - spec: - description: - - spec holds all the input necessary to produce a new build, and the conditions - when to trigger them. - type: complex - status: - description: - - status holds any relevant information about a build config - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildConfigList. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_config_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_list.py b/library/openshift_v1_build_list.py deleted file mode 100644 index ef61c355..00000000 --- a/library/openshift_v1_build_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_list -short_description: OpenShift BuildList -description: -- Retrieve a list of builds. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of builds - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec is all the inputs used to execute the build. - type: complex - status: - description: - - status is the current status of the build. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildList. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_request.py b/library/openshift_v1_build_request.py deleted file mode 100644 index 0ac6eb6a..00000000 --- a/library/openshift_v1_build_request.py +++ /dev/null @@ -1,363 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_request -short_description: OpenShift BuildRequest -description: -- Manage the lifecycle of a build_request object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - binary_as_file: - description: - - asFile indicates that the provided binary input should be considered a single - file within the build input. For example, specifying "webapp.war" would place - the provided binary as `/webapp.war` for the builder. If left empty, the Docker - and Source build strategies assume this file is a zip, tar, or tar.gz file and - extract it as the source. The custom strategy receives this binary as standard - input. This filename may not contain slashes or be '..' or '.'. - aliases: - - as_file - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - docker_strategy_options_build_args: - description: - - Args contains any build arguments that are to be passed to Docker. See - aliases: - - build_args - type: list - docker_strategy_options_no_cache: - description: - - noCache overrides the docker-strategy noCache option in the build config - aliases: - - no_cache - type: bool - env: - description: - - env contains additional environment variables you want to pass into a builder - container. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - from_api_version: - description: - - API version of the referent. - aliases: - - api_version - from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - from_kind: - description: - - Kind of the referent. - aliases: - - kind - from_name: - description: - - Name of the referent. - from_namespace: - description: - - Namespace of the referent. - from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - from_uid: - description: - - UID of the referent. - aliases: - - uid - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - last_version: - description: - - lastVersion (optional) is the LastVersion of the BuildConfig that was used to - generate the build. If the BuildConfig in the generator doesn't match, a build - will not be generated. - type: int - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - revision_git_author_email: - description: - - email of the source control user - aliases: - - email - revision_git_author_name: - description: - - name of the source control user - revision_git_commit: - description: - - commit is the commit hash identifying a specific commit - aliases: - - commit - revision_git_committer_email: - description: - - email of the source control user - revision_git_committer_name: - description: - - name of the source control user - revision_git_message: - description: - - message is the description of a specific commit - aliases: - - message - revision_type: - description: - - type of the build source, may be one of 'Source', 'Dockerfile', 'Binary', or - 'Images' - aliases: - - type - source_strategy_options_incremental: - description: - - incremental overrides the source-strategy incremental option in the build config - aliases: - - incremental - type: bool - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - triggered_by: - description: - - triggeredBy describes which triggers started the most recent update to the build - configuration and contains information about those triggers. - type: list - triggered_by_image_api_version: - description: - - API version of the referent. - triggered_by_image_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - triggered_by_image_kind: - description: - - Kind of the referent. - triggered_by_image_name: - description: - - Name of the referent. - triggered_by_image_namespace: - description: - - Namespace of the referent. - triggered_by_image_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - triggered_by_image_uid: - description: - - UID of the referent. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_request: - type: complex - returned: on success - contains: - from: - description: - - from is the reference to the ImageStreamTag that triggered the build. - type: complex - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - binary: - description: - - binary indicates a request to build from a binary provided to the builder - type: complex - docker_strategy_options: - description: - - DockerStrategyOptions contains additional docker-strategy specific options - for the build - type: complex - env: - description: - - env contains additional environment variables you want to pass into a builder - container. - type: list - contains: - name: - description: - - Name of the environment variable. Must be a C_IDENTIFIER. - type: str - value: - description: - - 'Variable references $(VAR_NAME) are expanded using the previous defined - environment variables in the container and any service environment variables. - If a variable cannot be resolved, the reference in the input string will - be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, - ie: $$(VAR_NAME). Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' - type: str - value_from: - description: - - Source for the environment variable's value. Cannot be used if value is - not empty. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - last_version: - description: - - lastVersion (optional) is the LastVersion of the BuildConfig that was used - to generate the build. If the BuildConfig in the generator doesn't match, - a build will not be generated. - type: int - metadata: - description: - - metadata for BuildRequest. - type: complex - revision: - description: - - revision is the information from the source for a specific repo snapshot. - type: complex - source_strategy_options: - description: - - SourceStrategyOptions contains additional source-strategy specific options - for the build - type: complex - triggered_by: - description: - - triggeredBy describes which triggers started the most recent update to the - build configuration and contains information about those triggers. - type: list - contains: - bitbucket_web_hook: - description: - - BitbucketWebHook represents data for a Bitbucket webhook that fired a - specific build. - type: complex - generic_web_hook: - description: - - genericWebHook holds data about a builds generic webhook trigger. - type: complex - github_web_hook: - description: - - gitHubWebHook represents data for a GitHub webhook that fired a specific - build. - type: complex - gitlab_web_hook: - description: - - GitLabWebHook represents data for a GitLab webhook that fired a specific - build. - type: complex - image_change_build: - description: - - imageChangeBuild stores information about an imagechange event that triggered - a new build. - type: complex - message: - description: - - 'message is used to store a human readable message for why the build was - triggered. E.g.: "Manually triggered by user", "Configuration change",etc.' - type: str - triggered_by_image: - description: - - triggeredByImage is the Image that triggered this build. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_request', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_network.py b/library/openshift_v1_cluster_network.py deleted file mode 100644 index b98429f4..00000000 --- a/library/openshift_v1_cluster_network.py +++ /dev/null @@ -1,214 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_network -short_description: OpenShift ClusterNetwork -description: -- Manage the lifecycle of a cluster_network object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - cluster_networks: - description: - - ClusterNetworks is a list of ClusterNetwork objects that defines the global - overlay network's L3 space by specifying a set of CIDR and netmasks that the - SDN can allocate addressed from. - type: list - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - hostsubnetlength: - description: - - HostSubnetLength is the number of bits of network to allocate to each node. - eg, 8 would mean that each node would have a /24 slice of the overlay network - for its pods - type: int - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - network: - description: - - Network is a CIDR string specifying the global overlay network's L3 space - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - plugin_name: - description: - - PluginName is the name of the network plugin being used - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - service_network: - description: - - ServiceNetwork is the CIDR range that Service IP addresses are allocated from - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_network: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - cluster_networks: - description: - - ClusterNetworks is a list of ClusterNetwork objects that defines the global - overlay network's L3 space by specifying a set of CIDR and netmasks that the - SDN can allocate addressed from. - type: list - contains: - cidr: - description: - - CIDR defines the total range of a cluster networks address space. - type: str - host_subnet_length: - description: - - HostSubnetLength is the number of bits of the accompanying CIDR address - to allocate to each node. eg, 8 would mean that each node would have a - /24 slice of the overlay network for its pods. - type: int - hostsubnetlength: - description: - - HostSubnetLength is the number of bits of network to allocate to each node. - eg, 8 would mean that each node would have a /24 slice of the overlay network - for its pods - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - network: - description: - - Network is a CIDR string specifying the global overlay network's L3 space - type: str - plugin_name: - description: - - PluginName is the name of the network plugin being used - type: str - service_network: - description: - - ServiceNetwork is the CIDR range that Service IP addresses are allocated from - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_network', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_network_list.py b/library/openshift_v1_cluster_network_list.py deleted file mode 100644 index 52edabec..00000000 --- a/library/openshift_v1_cluster_network_list.py +++ /dev/null @@ -1,193 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_network_list -short_description: OpenShift ClusterNetworkList -description: -- Retrieve a list of cluster_networks. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_network_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of cluster networks - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - cluster_networks: - description: - - ClusterNetworks is a list of ClusterNetwork objects that defines the global - overlay network's L3 space by specifying a set of CIDR and netmasks that - the SDN can allocate addressed from. - type: list - contains: - cidr: - description: - - CIDR defines the total range of a cluster networks address space. - type: str - host_subnet_length: - description: - - HostSubnetLength is the number of bits of the accompanying CIDR address - to allocate to each node. eg, 8 would mean that each node would have - a /24 slice of the overlay network for its pods. - type: int - hostsubnetlength: - description: - - HostSubnetLength is the number of bits of network to allocate to each - node. eg, 8 would mean that each node would have a /24 slice of the overlay - network for its pods - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - network: - description: - - Network is a CIDR string specifying the global overlay network's L3 space - type: str - plugin_name: - description: - - PluginName is the name of the network plugin being used - type: str - service_network: - description: - - ServiceNetwork is the CIDR range that Service IP addresses are allocated - from - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_network_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_resource_quota.py b/library/openshift_v1_cluster_resource_quota.py deleted file mode 100644 index 2a86339b..00000000 --- a/library/openshift_v1_cluster_resource_quota.py +++ /dev/null @@ -1,201 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_resource_quota -short_description: OpenShift ClusterResourceQuota -description: -- Manage the lifecycle of a cluster_resource_quota object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_quota_hard: - description: - - Hard is the set of desired hard limits for each named resource. - aliases: - - quota_hard - type: dict - spec_quota_scopes: - description: - - A collection of filters that must match each object tracked by a quota. If not - specified, the quota matches all objects. - aliases: - - quota_scopes - type: list - spec_selector_annotations: - description: - - AnnotationSelector is used to select projects by annotation. - aliases: - - selector_annotations - type: dict - spec_selector_labels_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_labels_match_expressions - type: list - spec_selector_labels_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_labels_match_labels - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_resource_quota: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_resource_quota', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_resource_quota_list.py b/library/openshift_v1_cluster_resource_quota_list.py deleted file mode 100644 index 19271697..00000000 --- a/library/openshift_v1_cluster_resource_quota_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_resource_quota_list -short_description: OpenShift ClusterResourceQuotaList -description: -- Retrieve a list of cluster_resource_quotas. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_resource_quota_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterResourceQuotas - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_resource_quota_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role.py b/library/openshift_v1_cluster_role.py deleted file mode 100644 index e0aeb67e..00000000 --- a/library/openshift_v1_cluster_role.py +++ /dev/null @@ -1,222 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role -short_description: OpenShift ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - aggregation_rule_cluster_role_selectors: - description: - - ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles - and create the rules. If any of the selectors match, then the ClusterRole's - permissions will be added - aliases: - - cluster_role_selectors - type: list - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - aggregation_rule: - description: - - AggregationRule is an optional field that describes how to build the Rules - for this ClusterRole. If AggregationRule is set, then the Rules are controller - managed and direct changes to Rules will be stomped by the controller. - type: complex - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - this field is empty, then both kubernetes and origin API groups are assumed. - That means that if an action is requested against one of the enumerated - resources in either the kubernetes or the origin API group, the request - will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle the - AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the path - This name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role_binding.py b/library/openshift_v1_cluster_role_binding.py deleted file mode 100644 index 511e340f..00000000 --- a/library/openshift_v1_cluster_role_binding.py +++ /dev/null @@ -1,281 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role_binding -short_description: OpenShift ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_version: - description: - - API version of the referent. - aliases: - - api_version - role_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - role_ref_kind: - description: - - Kind of the referent. - aliases: - - kind - role_ref_name: - description: - - Name of the referent. - role_ref_namespace: - description: - - Namespace of the referent. - role_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - role_ref_uid: - description: - - UID of the referent. - aliases: - - uid - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is ignored - if UserNames or GroupNames are specified to support legacy clients and servers. - Thus newer clients that do not need to support backwards compatibility should - send only fully qualified Subjects and should omit the UserNames and GroupNames - fields. Clients that need to support backwards compatibility can use this field - to build the UserNames and GroupNames. - type: list - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the ClusterRoleRef cannot be resolved, the Authorizer must return an error. - Since Policy is a singleton, this is sufficient knowledge to locate a role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is - ignored if UserNames or GroupNames are specified to support legacy clients - and servers. Thus newer clients that do not need to support backwards compatibility - should send only fully qualified Subjects and should omit the UserNames and - GroupNames fields. Clients that need to support backwards compatibility can - use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this - string should contain a valid JSON/Go field access statement, such as - desiredState.manifest.containers[2]. For example, if the object reference - is to a container within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role_binding', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role_binding_list.py b/library/openshift_v1_cluster_role_binding_list.py deleted file mode 100644 index bdf0ee23..00000000 --- a/library/openshift_v1_cluster_role_binding_list.py +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role_binding_list -short_description: OpenShift ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the ClusterRoleRef cannot be resolved, the Authorizer must return an - error. Since Policy is a singleton, this is sufficient knowledge to locate - a role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field - is ignored if UserNames or GroupNames are specified to support legacy - clients and servers. Thus newer clients that do not need to support backwards - compatibility should send only fully qualified Subjects and should omit - the UserNames and GroupNames fields. Clients that need to support backwards - compatibility can use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, - this string should contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For example, if the object - reference is to a container within a pod, this would take on a value - like: "spec.containers{name}" (where "name" refers to the name of - the container that triggered the event) or if no container name is - specified "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way of referencing - a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role_binding_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role_list.py b/library/openshift_v1_cluster_role_list.py deleted file mode 100644 index 882493fc..00000000 --- a/library/openshift_v1_cluster_role_list.py +++ /dev/null @@ -1,210 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role_list -short_description: OpenShift ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - aggregation_rule: - description: - - AggregationRule is an optional field that describes how to build the Rules - for this ClusterRole. If AggregationRule is set, then the Rules are controller - managed and direct changes to Rules will be stomped by the controller. - type: complex - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If this field is empty, then both kubernetes and origin API groups - are assumed. That means that if an action is requested against one - of the enumerated resources in either the kubernetes or the origin - API group, the request will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle - the AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the - path This name is intentionally different than the internal type so - that the DefaultConvert works nicely and because the ordering may - be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_controller_revision.py b/library/openshift_v1_controller_revision.py deleted file mode 100644 index 176c1891..00000000 --- a/library/openshift_v1_controller_revision.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_controller_revision -short_description: OpenShift ControllerRevision -description: -- Manage the lifecycle of a controller_revision object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('controller_revision', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_controller_revision_list.py b/library/openshift_v1_controller_revision_list.py deleted file mode 100644 index 637b0748..00000000 --- a/library/openshift_v1_controller_revision_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_controller_revision_list -short_description: OpenShift ControllerRevisionList -description: -- Retrieve a list of controller_revisions. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ControllerRevisions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('controller_revision_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_daemon_set.py b/library/openshift_v1_daemon_set.py deleted file mode 100644 index 2b8c3e51..00000000 --- a/library/openshift_v1_daemon_set.py +++ /dev/null @@ -1,542 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_daemon_set -short_description: OpenShift DaemonSet -description: -- Manage the lifecycle of a daemon_set object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - The minimum number of seconds for which a newly created DaemonSet pod should - be ready without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready). - aliases: - - min_ready_seconds - type: int - spec_revision_history_limit: - description: - - The number of old history to retain to allow rollback. This is a pointer to - distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of DaemonSet pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet - pods at the start of the update (ex: 10%). Absolute number is calculated from - percentage by rounding up. This cannot be 0. Default value is 1. Example: when - this is set to 30%, at most 30% of the total number of nodes that should be - running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods - stopped for an update at any given time. The update starts by stopping at most - 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. - Once the new pods are available, it then proceeds onto other DaemonSet pods, - thus ensuring that at least 70% of original number of DaemonSet pods are available - at all times during the update.' - aliases: - - update_strategy_rolling_update_max_unavailable - type: object - spec_update_strategy_type: - description: - - Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is - RollingUpdate. - aliases: - - update_strategy_type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by some - window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('daemon_set', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_daemon_set_list.py b/library/openshift_v1_daemon_set_list.py deleted file mode 100644 index f453dddc..00000000 --- a/library/openshift_v1_daemon_set_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_daemon_set_list -short_description: OpenShift DaemonSetList -description: -- Retrieve a list of daemon_sets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of daemon sets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by - some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('daemon_set_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment.py b/library/openshift_v1_deployment.py deleted file mode 100644 index 22d2da00..00000000 --- a/library/openshift_v1_deployment.py +++ /dev/null @@ -1,606 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment -short_description: OpenShift Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_active_deadline_seconds: - description: - - ActiveDeadlineSeconds is the duration in seconds that the deployer pods for - this deployment config may be active on a node before the system actively tries - to terminate them. - aliases: - - strategy_active_deadline_seconds - type: int - spec_strategy_annotations: - description: - - Annotations is a set of key, value pairs added to custom deployer and lifecycle - pre/post hook pods. - aliases: - - strategy_annotations - type: dict - spec_strategy_custom_params: - description: - - When C(spec_strategy_type) is I(Custom), provide a mapping of 'key:value' settings. - aliases: - - strategy_custom_params - type: dict - spec_strategy_labels: - description: - - Labels is a set of key, value pairs added to custom deployer and lifecycle pre/post - hook pods. - aliases: - - strategy_labels - type: dict - spec_strategy_recreate_params: - description: - - When C(spec_strategy_type) is I(Recreate), provide a mapping of 'key:value' - settings. - aliases: - - strategy_recreate_params - type: dict - spec_strategy_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - strategy_resources_limits - type: dict - spec_strategy_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - strategy_resources_requests - type: dict - spec_strategy_rolling_params: - description: - - When C(spec_strategy_type) is I(Rolling), provide a mapping of 'key:value' settings. - aliases: - - strategy_rolling_params - type: dict - spec_strategy_type: - description: - - Type is the name of a deployment strategy. - choices: - - Rolling - - Custom - - Recreate - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_config.py b/library/openshift_v1_deployment_config.py deleted file mode 100644 index 5ad45ab4..00000000 --- a/library/openshift_v1_deployment_config.py +++ /dev/null @@ -1,687 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_config -short_description: OpenShift DeploymentConfig -description: -- Manage the lifecycle of a deployment_config object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - MinReadySeconds is the minimum number of seconds for which a newly created pod - should be ready without any of its container crashing, for it to be considered - available. Defaults to 0 (pod will be considered available as soon as it is - ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Paused indicates that the deployment config is paused resulting in no new deployments - on template changes or changes in the template caused by other triggers. - aliases: - - paused - type: bool - spec_replicas: - description: - - Replicas is the number of desired replicas. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - RevisionHistoryLimit is the number of old ReplicationControllers to retain to - allow for rollbacks. This field is a pointer to allow for differentiation between - an explicit zero and not specified. Defaults to 10. (This only applies to DeploymentConfigs - created via the new group API resource, not the legacy resource.) - aliases: - - revision_history_limit - type: int - spec_selector: - description: - - Selector is a label query over pods that should match the Replicas count. - aliases: - - selector - type: dict - spec_strategy_active_deadline_seconds: - description: - - ActiveDeadlineSeconds is the duration in seconds that the deployer pods for - this deployment config may be active on a node before the system actively tries - to terminate them. - aliases: - - strategy_active_deadline_seconds - type: int - spec_strategy_annotations: - description: - - Annotations is a set of key, value pairs added to custom deployer and lifecycle - pre/post hook pods. - aliases: - - strategy_annotations - type: dict - spec_strategy_custom_params: - description: - - When C(spec_strategy_type) is I(Custom), provide a mapping of 'key:value' settings. - aliases: - - strategy_custom_params - type: dict - spec_strategy_labels: - description: - - Labels is a set of key, value pairs added to custom deployer and lifecycle pre/post - hook pods. - aliases: - - strategy_labels - type: dict - spec_strategy_recreate_params: - description: - - When C(spec_strategy_type) is I(Recreate), provide a mapping of 'key:value' - settings. - aliases: - - strategy_recreate_params - type: dict - spec_strategy_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - strategy_resources_limits - type: dict - spec_strategy_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - strategy_resources_requests - type: dict - spec_strategy_rolling_params: - description: - - When C(spec_strategy_type) is I(Rolling), provide a mapping of 'key:value' settings. - aliases: - - strategy_rolling_params - type: dict - spec_strategy_type: - description: - - Type is the name of a deployment strategy. - choices: - - Rolling - - Custom - - Recreate - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_test: - description: - - Test ensures that this deployment config will have zero replicas except while - a deployment is running. This allows the deployment config to be used as a continuous - deployment test - triggering on images, running the deployment, and then succeeding - or failing. Post strategy hooks and After actions can be used to integrate successful - deployment with an action. - aliases: - - test - type: bool - spec_triggers: - description: - - Triggers determine how updates to a DeploymentConfig result in new deployments. - If no triggers are defined, a new deployment can only occur as a result of an - explicit client update to the DeploymentConfig with a new LatestVersion. If - null, defaults to having a config change trigger. - aliases: - - triggers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -- name: Create deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: present - spec_template_metadata_labels: - name: frontend - containers: - - name: helloworld - image: openshift/origin-ruby-sample - ports: - - container_port: 8080 - protocol: TCP - name: http-port - replicas: 5 - selector: - name: frontend - triggers: - - type: ConfigChange - - type: ImageChange - image_change_params: - automatic: true - container_names: - - helloworld - _from: - kind: ImageStreamTag - name: origin-ruby-sample:latest - strategy_type: Rolling - -- name: Patch deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: present - spec_template_metadata_labels: - name: frontend - containers: - - name: helloworld - image: openshift/origin-ruby-sample:v1.0 - ports: - - container_port: 9000 - protocol: UDP - name: udp-port - replicas: 3 - -- name: Replace deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: replaced - spec_template_metadata_labels: - name: frontend_app - containers: - - name: helloworld - image: openshift/origin-ruby-sample:v2 - ports: - - container_port: 8888 - protocol: TCP - name: http-port - replicas: 2 - selector: - name: frontend_app - triggers: - - type: ConfigChange - - type: ImageChange - image_change_params: - automatic: true - container_names: - - helloworld - _from: - kind: ImageStreamTag - name: origin-ruby-sample:v2 - strategy_type: Rolling - -- name: Remove deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_config: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec represents a desired deployment state and how to deploy to it. - type: complex - status: - description: - - Status represents the current deployment state. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_config', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_config_list.py b/library/openshift_v1_deployment_config_list.py deleted file mode 100644 index 8d0db2e6..00000000 --- a/library/openshift_v1_deployment_config_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_config_list -short_description: OpenShift DeploymentConfigList -description: -- Retrieve a list of deployment_configs. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_config_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of deployment configs - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec represents a desired deployment state and how to deploy to it. - type: complex - status: - description: - - Status represents the current deployment state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_config_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_config_rollback.py b/library/openshift_v1_deployment_config_rollback.py deleted file mode 100644 index 2d1d6c4e..00000000 --- a/library/openshift_v1_deployment_config_rollback.py +++ /dev/null @@ -1,200 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_config_rollback -short_description: OpenShift DeploymentConfigRollback -description: -- Manage the lifecycle of a deployment_config_rollback object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - name: - description: - - Name of the deployment config that will be rolled back. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_from_api_version: - description: - - API version of the referent. - aliases: - - from_api_version - spec_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - from_field_path - spec_from_kind: - description: - - Kind of the referent. - aliases: - - from_kind - spec_from_name: - description: - - Name of the referent. - aliases: - - from_name - spec_from_namespace: - description: - - Namespace of the referent. - aliases: - - from_namespace - spec_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - from_resource_version - spec_from_uid: - description: - - UID of the referent. - aliases: - - from_uid - spec_include_replication_meta: - description: - - IncludeReplicationMeta specifies whether to include the replica count and selector. - aliases: - - include_replication_meta - type: bool - spec_include_strategy: - description: - - IncludeStrategy specifies whether to include the deployment Strategy. - aliases: - - include_strategy - type: bool - spec_include_template: - description: - - IncludeTemplate specifies whether to include the PodTemplateSpec. - aliases: - - include_template - type: bool - spec_include_triggers: - description: - - IncludeTriggers specifies whether to include config Triggers. - aliases: - - include_triggers - type: bool - spec_revision: - description: - - Revision to rollback to. If set to 0, rollback to the last revision. - aliases: - - revision - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - updated_annotations: - description: - - UpdatedAnnotations is a set of new annotations that will be added in the deployment - config. - type: dict - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_config_rollback: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - name: - description: - - Name of the deployment config that will be rolled back. - type: str - spec: - description: - - Spec defines the options to rollback generation. - type: complex - updated_annotations: - description: - - UpdatedAnnotations is a set of new annotations that will be added in the deployment - config. - type: complex - contains: str, str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_config_rollback', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_list.py b/library/openshift_v1_deployment_list.py deleted file mode 100644 index efcd8ce7..00000000 --- a/library/openshift_v1_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_list -short_description: OpenShift DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_egress_network_policy.py b/library/openshift_v1_egress_network_policy.py deleted file mode 100644 index 7bbc6ccf..00000000 --- a/library/openshift_v1_egress_network_policy.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_egress_network_policy -short_description: OpenShift EgressNetworkPolicy -description: -- Manage the lifecycle of a egress_network_policy object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_egress: - description: - - egress contains the list of egress policy rules - aliases: - - egress - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -egress_network_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for EgressNetworkPolicy - type: complex - spec: - description: - - spec is the specification of the current egress network policy - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('egress_network_policy', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_egress_network_policy_list.py b/library/openshift_v1_egress_network_policy_list.py deleted file mode 100644 index a10cd014..00000000 --- a/library/openshift_v1_egress_network_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_egress_network_policy_list -short_description: OpenShift EgressNetworkPolicyList -description: -- Retrieve a list of egress_network_policys. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -egress_network_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of policies - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - metadata for EgressNetworkPolicy - type: complex - spec: - description: - - spec is the specification of the current egress network policy - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for EgressNetworkPolicyList - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('egress_network_policy_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_group.py b/library/openshift_v1_group.py deleted file mode 100644 index 4f9cfa00..00000000 --- a/library/openshift_v1_group.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_group -short_description: OpenShift Group -description: -- Manage the lifecycle of a group object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - users: - description: - - Users is the list of users in this group. - type: list - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -group: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - users: - description: - - Users is the list of users in this group. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('group', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_group_list.py b/library/openshift_v1_group_list.py deleted file mode 100644 index 9d93bc35..00000000 --- a/library/openshift_v1_group_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_group_list -short_description: OpenShift GroupList -description: -- Retrieve a list of groups. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -group_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of groups - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - users: - description: - - Users is the list of users in this group. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('group_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_host_subnet.py b/library/openshift_v1_host_subnet.py deleted file mode 100644 index b600f4f0..00000000 --- a/library/openshift_v1_host_subnet.py +++ /dev/null @@ -1,193 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_host_subnet -short_description: OpenShift HostSubnet -description: -- Manage the lifecycle of a host_subnet object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - egress_i_ps: - description: - - EgressIPs is the list of automatic egress IP addresses currently hosted by this - node - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Host is the name of the node. (This is the same as the object's name, but both - fields must be set.) - host_ip: - description: - - HostIP is the IP address to be used as a VTEP by other nodes in the overlay - network - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subnet: - description: - - Subnet is the CIDR range of the overlay network assigned to the node for its - pods - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -host_subnet: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is the list of automatic egress IP addresses currently hosted by - this node - type: list - contains: str - host: - description: - - Host is the name of the node. (This is the same as the object's name, but - both fields must be set.) - type: str - host_ip: - description: - - HostIP is the IP address to be used as a VTEP by other nodes in the overlay - network - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subnet: - description: - - Subnet is the CIDR range of the overlay network assigned to the node for its - pods - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('host_subnet', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_host_subnet_list.py b/library/openshift_v1_host_subnet_list.py deleted file mode 100644 index 12ff372f..00000000 --- a/library/openshift_v1_host_subnet_list.py +++ /dev/null @@ -1,178 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_host_subnet_list -short_description: OpenShift HostSubnetList -description: -- Retrieve a list of host_subnets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -host_subnet_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of host subnets - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is the list of automatic egress IP addresses currently hosted - by this node - type: list - contains: str - host: - description: - - Host is the name of the node. (This is the same as the object's name, - but both fields must be set.) - type: str - host_ip: - description: - - HostIP is the IP address to be used as a VTEP by other nodes in the overlay - network - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subnet: - description: - - Subnet is the CIDR range of the overlay network assigned to the node for - its pods - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('host_subnet_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_identity.py b/library/openshift_v1_identity.py deleted file mode 100644 index 397e8b6d..00000000 --- a/library/openshift_v1_identity.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_identity -short_description: OpenShift Identity -description: -- Manage the lifecycle of a identity object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - extra: - description: - - Extra holds extra information about this identity - type: dict - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - provider_name: - description: - - ProviderName is the source of identity information - provider_user_name: - description: - - ProviderUserName uniquely represents this identity in the scope of the provider - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_api_version: - description: - - API version of the referent. - aliases: - - api_version - user_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - user_kind: - description: - - Kind of the referent. - aliases: - - kind - user_name: - description: - - Name of the referent. - user_namespace: - description: - - Namespace of the referent. - user_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - user_uid: - description: - - UID of the referent. - aliases: - - uid - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -identity: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - extra: - description: - - Extra holds extra information about this identity - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - provider_name: - description: - - ProviderName is the source of identity information - type: str - provider_user_name: - description: - - ProviderUserName uniquely represents this identity in the scope of the provider - type: str - user: - description: - - User is a reference to the user this identity is associated with Both Name - and UID must be set - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('identity', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_identity_list.py b/library/openshift_v1_identity_list.py deleted file mode 100644 index 14d3bb2b..00000000 --- a/library/openshift_v1_identity_list.py +++ /dev/null @@ -1,176 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_identity_list -short_description: OpenShift IdentityList -description: -- Retrieve a list of identitys. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -identity_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of identities - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - extra: - description: - - Extra holds extra information about this identity - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - provider_name: - description: - - ProviderName is the source of identity information - type: str - provider_user_name: - description: - - ProviderUserName uniquely represents this identity in the scope of the - provider - type: str - user: - description: - - User is a reference to the user this identity is associated with Both - Name and UID must be set - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('identity_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image.py b/library/openshift_v1_image.py deleted file mode 100644 index cd8fd79e..00000000 --- a/library/openshift_v1_image.py +++ /dev/null @@ -1,332 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image -short_description: OpenShift Image -description: -- Manage the lifecycle of a image object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - type: list - docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - signatures: - description: - - Signatures holds all signatures of the image. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - type: str - docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - type: list - contains: - media_type: - description: - - MediaType of the referenced object. - type: str - name: - description: - - Name of the layer as defined by the underlying store. - type: str - size: - description: - - Size of the layer in bytes as defined by the underlying store. - type: int - docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - type: str - docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is - a part of manifest schema v2. - type: str - docker_image_metadata: - description: - - DockerImageMetadata contains metadata about this image - type: complex - docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - type: str - docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - type: str - docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signatures: - description: - - Signatures holds all signatures of the image. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - conditions: - description: - - Conditions represent the latest available observations of a signature's - current state. - type: list - contains: - last_probe_time: - description: - - Last time the condition was checked. - type: complex - contains: {} - last_transition_time: - description: - - Last time the condition transit from one status to another. - type: complex - contains: {} - message: - description: - - Human readable message indicating details about last transition. - type: str - reason: - description: - - (brief) reason for the condition's last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of signature condition, Complete or Failed. - type: str - content: - description: - - "Required: An opaque binary string which is an image's signature." - type: str - created: - description: - - If specified, it is the time of signature's creation. - type: complex - contains: {} - image_identity: - description: - - A human readable string representing image's identity. It could be a product - name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - type: str - issued_by: - description: - - If specified, it holds information about an issuer of signing certificate - or key (a person or entity who signed the signing certificate or key). - type: complex - issued_to: - description: - - If specified, it holds information about a subject of signing certificate - or key (a person or entity who signed the image). - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signed_claims: - description: - - Contains claims from the signature. - type: complex - contains: str, str - type: - description: - - 'Required: Describes a type of stored blob.' - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_list.py b/library/openshift_v1_image_list.py deleted file mode 100644 index d90f486e..00000000 --- a/library/openshift_v1_image_list.py +++ /dev/null @@ -1,294 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_list -short_description: OpenShift ImageList -description: -- Retrieve a list of images. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of images - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - type: str - docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if - the image does not define that data. - type: list - contains: - media_type: - description: - - MediaType of the referenced object. - type: str - name: - description: - - Name of the layer as defined by the underlying store. - type: str - size: - description: - - Size of the layer in bytes as defined by the underlying store. - type: int - docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - type: str - docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This - is a part of manifest schema v2. - type: str - docker_image_metadata: - description: - - DockerImageMetadata contains metadata about this image - type: complex - docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if - empty defaults to "1.0" - type: str - docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - type: str - docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is - a part of manifest schema v1. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signatures: - description: - - Signatures holds all signatures of the image. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of - an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. - type: str - conditions: - description: - - Conditions represent the latest available observations of a signature's - current state. - type: list - contains: - last_probe_time: - description: - - Last time the condition was checked. - type: complex - contains: {} - last_transition_time: - description: - - Last time the condition transit from one status to another. - type: complex - contains: {} - message: - description: - - Human readable message indicating details about last transition. - type: str - reason: - description: - - (brief) reason for the condition's last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of signature condition, Complete or Failed. - type: str - content: - description: - - "Required: An opaque binary string which is an image's signature." - type: str - created: - description: - - If specified, it is the time of signature's creation. - type: complex - contains: {} - image_identity: - description: - - A human readable string representing image's identity. It could be - a product name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - type: str - issued_by: - description: - - If specified, it holds information about an issuer of signing certificate - or key (a person or entity who signed the signing certificate or key). - type: complex - issued_to: - description: - - If specified, it holds information about a subject of signing certificate - or key (a person or entity who signed the image). - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object - represents. Servers may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signed_claims: - description: - - Contains claims from the signature. - type: complex - contains: str, str - type: - description: - - 'Required: Describes a type of stored blob.' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_signature.py b/library/openshift_v1_image_signature.py deleted file mode 100644 index 8d679239..00000000 --- a/library/openshift_v1_image_signature.py +++ /dev/null @@ -1,268 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_signature -short_description: OpenShift ImageSignature -description: -- Manage the lifecycle of a image_signature object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - conditions: - description: - - Conditions represent the latest available observations of a signature's current - state. - type: list - content: - description: - - "Required: An opaque binary string which is an image's signature." - context: - description: - - The name of a context found in the Kubernetes config file. - created: - description: - - If specified, it is the time of signature's creation. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_identity: - description: - - A human readable string representing image's identity. It could be a product - name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - issued_by_common_name: - description: - - Common name (e.g. openshift-signing-service). - aliases: - - common_name - issued_by_organization: - description: - - Organization name. - aliases: - - organization - issued_to_common_name: - description: - - Common name (e.g. openshift-signing-service). - issued_to_organization: - description: - - Organization name. - issued_to_public_key_id: - description: - - If present, it is a human readable key id of public key belonging to the subject - used to verify image signature. It should contain at least 64 lowest bits of - public key's fingerprint (e.g. 0x685ebe62bf278440). - aliases: - - public_key_id - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - signed_claims: - description: - - Contains claims from the signature. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - type: - description: - - 'Required: Describes a type of stored blob.' - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_signature: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - conditions: - description: - - Conditions represent the latest available observations of a signature's current - state. - type: list - contains: - last_probe_time: - description: - - Last time the condition was checked. - type: complex - contains: {} - last_transition_time: - description: - - Last time the condition transit from one status to another. - type: complex - contains: {} - message: - description: - - Human readable message indicating details about last transition. - type: str - reason: - description: - - (brief) reason for the condition's last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of signature condition, Complete or Failed. - type: str - content: - description: - - "Required: An opaque binary string which is an image's signature." - type: str - created: - description: - - If specified, it is the time of signature's creation. - type: complex - contains: {} - image_identity: - description: - - A human readable string representing image's identity. It could be a product - name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - type: str - issued_by: - description: - - If specified, it holds information about an issuer of signing certificate - or key (a person or entity who signed the signing certificate or key). - type: complex - issued_to: - description: - - If specified, it holds information about a subject of signing certificate - or key (a person or entity who signed the image). - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signed_claims: - description: - - Contains claims from the signature. - type: complex - contains: str, str - type: - description: - - 'Required: Describes a type of stored blob.' - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_signature', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream.py b/library/openshift_v1_image_stream.py deleted file mode 100644 index 5b607cd8..00000000 --- a/library/openshift_v1_image_stream.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream -short_description: OpenShift ImageStream -description: -- Manage the lifecycle of a image_stream object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_docker_image_repository: - description: - - 'dockerImageRepository is optional, if specified this stream is backed by a - Docker repository on this server Deprecated: This field is deprecated as of - v3.7 and will be removed in a future release. Specify the source for the tags - to be imported in each tag via the spec.tags.from reference instead.' - aliases: - - docker_image_repository - spec_lookup_policy_local: - description: - - local will change the docker short image references (like "mysql" or "php:latest") - on objects in this namespace to the image ID whenever they match this image - stream, instead of reaching out to a remote registry. The name will be fully - qualified to an image ID if found. The tag's referencePolicy is taken into account - on the replaced value. Only works within the current namespace. - aliases: - - lookup_policy_local - type: bool - spec_tags: - description: - - tags map arbitrary string values to specific image locators - aliases: - - tags - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec describes the desired state of this stream - type: complex - status: - description: - - Status describes the current state of this stream - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_image.py b/library/openshift_v1_image_stream_image.py deleted file mode 100644 index 2c023559..00000000 --- a/library/openshift_v1_image_stream_image.py +++ /dev/null @@ -1,228 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_image -short_description: OpenShift ImageStreamImage -description: -- Manage the lifecycle of a image_stream_image object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - image_docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - aliases: - - docker_image_config - image_docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - aliases: - - docker_image_layers - type: list - image_docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - aliases: - - docker_image_manifest - image_docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - aliases: - - docker_image_manifest_media_type - image_docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - image_docker_metadata_raw - image_docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - aliases: - - docker_image_metadata_version - image_docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - aliases: - - docker_image_reference - image_docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - aliases: - - docker_image_signatures - type: list - image_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - image_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - image_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - image_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - image_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - image_signatures: - description: - - Signatures holds all signatures of the image. - aliases: - - signatures - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_image: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - image: - description: - - Image associated with the ImageStream and image name. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_image', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_import.py b/library/openshift_v1_image_stream_import.py deleted file mode 100644 index 008d747f..00000000 --- a/library/openshift_v1_image_stream_import.py +++ /dev/null @@ -1,231 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_import -short_description: OpenShift ImageStreamImport -description: -- Manage the lifecycle of a image_stream_import object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_images: - description: - - Images are a list of individual images to import. - aliases: - - images - type: list - spec_import: - description: - - Import indicates whether to perform an import - if so, the specified tags are - set on the spec and status of the image stream defined by the type meta. - aliases: - - import - type: bool - spec_repository_from_api_version: - description: - - API version of the referent. - aliases: - - repository_from_api_version - spec_repository_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - repository_from_field_path - spec_repository_from_kind: - description: - - Kind of the referent. - aliases: - - repository_from_kind - spec_repository_from_name: - description: - - Name of the referent. - aliases: - - repository_from_name - spec_repository_from_namespace: - description: - - Namespace of the referent. - aliases: - - repository_from_namespace - spec_repository_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - repository_from_resource_version - spec_repository_from_uid: - description: - - UID of the referent. - aliases: - - repository_from_uid - spec_repository_import_policy_insecure: - description: - - Insecure is true if the server may bypass certificate verification or connect - directly over HTTP during image import. - aliases: - - repository_import_policy_insecure - type: bool - spec_repository_import_policy_scheduled: - description: - - Scheduled indicates to the server that this tag should be periodically checked - to ensure it is up to date, and imported - aliases: - - repository_import_policy_scheduled - type: bool - spec_repository_include_manifest: - description: - - IncludeManifest determines if the manifest for each image is returned in the - response - aliases: - - repository_include_manifest - type: bool - spec_repository_reference_policy_type: - description: - - Type determines how the image pull spec should be transformed when the image - stream tag is used in deployment config triggers or new builds. The default - value is `Source`, indicating the original location of the image should be used - (if imported). The user may also specify `Local`, indicating that the pull spec - should point to the integrated Docker registry and leverage the registry's ability - to proxy the pull to an upstream registry. `Local` allows the credentials used - to pull this image to be managed from the image stream's namespace, so others - on the platform can access a remote image but have no access to the remote secret. - It also allows the image layers to be mirrored into the local registry which - the images can still be pulled even if the upstream registry is unavailable. - aliases: - - repository_reference_policy_type - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_import: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec is a description of the images that the user wishes to import - type: complex - status: - description: - - Status is the the result of importing the image - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_import', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_list.py b/library/openshift_v1_image_stream_list.py deleted file mode 100644 index 2cf1ed9b..00000000 --- a/library/openshift_v1_image_stream_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_list -short_description: OpenShift ImageStreamList -description: -- Retrieve a list of image_streams. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of imageStreams - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec describes the desired state of this stream - type: complex - status: - description: - - Status describes the current state of this stream - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_mapping.py b/library/openshift_v1_image_stream_mapping.py deleted file mode 100644 index f11ff007..00000000 --- a/library/openshift_v1_image_stream_mapping.py +++ /dev/null @@ -1,235 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_mapping -short_description: OpenShift ImageStreamMapping -description: -- Manage the lifecycle of a image_stream_mapping object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - image_docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - aliases: - - docker_image_config - image_docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - aliases: - - docker_image_layers - type: list - image_docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - aliases: - - docker_image_manifest - image_docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - aliases: - - docker_image_manifest_media_type - image_docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - image_docker_metadata_raw - image_docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - aliases: - - docker_image_metadata_version - image_docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - aliases: - - docker_image_reference - image_docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - aliases: - - docker_image_signatures - type: list - image_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - image_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - image_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - image_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - image_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - image_signatures: - description: - - Signatures holds all signatures of the image. - aliases: - - signatures - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - tag: - description: - - Tag is a string value this image can be located with inside the stream. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_mapping: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - image: - description: - - Image is a Docker image. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - tag: - description: - - Tag is a string value this image can be located with inside the stream. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_mapping', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_tag.py b/library/openshift_v1_image_stream_tag.py deleted file mode 100644 index e276cde5..00000000 --- a/library/openshift_v1_image_stream_tag.py +++ /dev/null @@ -1,410 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_tag -short_description: OpenShift ImageStreamTag -description: -- Manage the lifecycle of a image_stream_tag object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - conditions: - description: - - conditions is an array of conditions that apply to the image stream tag. - type: list - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - generation: - description: - - generation is the current generation of the tagged image - if tag is provided - and this value is not equal to the tag generation, a user has requested an import - that has not completed, or conditions will be filled out indicating any error. - type: int - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - image_docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - aliases: - - docker_image_config - image_docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - aliases: - - docker_image_layers - type: list - image_docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - aliases: - - docker_image_manifest - image_docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - aliases: - - docker_image_manifest_media_type - image_docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - image_docker_metadata_raw - image_docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - aliases: - - docker_image_metadata_version - image_docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - aliases: - - docker_image_reference - image_docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - aliases: - - docker_image_signatures - type: list - image_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - image_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - image_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - image_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - image_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - image_signatures: - description: - - Signatures holds all signatures of the image. - aliases: - - signatures - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - lookup_policy_local: - description: - - local will change the docker short image references (like "mysql" or "php:latest") - on objects in this namespace to the image ID whenever they match this image - stream, instead of reaching out to a remote registry. The name will be fully - qualified to an image ID if found. The tag's referencePolicy is taken into account - on the replaced value. Only works within the current namespace. - aliases: - - local - type: bool - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - tag_annotations: - description: - - Optional; if specified, annotations that are applied to images retrieved via - ImageStreamTags. - type: dict - tag_from_api_version: - description: - - API version of the referent. - tag_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - tag_from_kind: - description: - - Kind of the referent. - tag_from_name: - description: - - Name of the referent. - tag_from_namespace: - description: - - Namespace of the referent. - tag_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - tag_from_uid: - description: - - UID of the referent. - aliases: - - uid - tag_generation: - description: - - Generation is a counter that tracks mutations to the spec tag (user intent). - When a tag reference is changed the generation is set to match the current stream - generation (which is incremented every time spec is changed). Other processes - in the system like the image importer observe that the generation of spec tag - is newer than the generation recorded in the status and use that as a trigger - to import the newest remote tag. To trigger a new import, clients may set this - value to zero which will reset the generation to the latest stream generation. - Legacy clients will send this value as nil which will be merged with the current - tag generation. - type: int - tag_import_policy_insecure: - description: - - Insecure is true if the server may bypass certificate verification or connect - directly over HTTP during image import. - aliases: - - insecure - type: bool - tag_import_policy_scheduled: - description: - - Scheduled indicates to the server that this tag should be periodically checked - to ensure it is up to date, and imported - aliases: - - scheduled - type: bool - tag_name: - description: - - Name of the tag - tag_reference: - description: - - Reference states if the tag will be imported. Default value is false, which - means the tag will be imported. - aliases: - - reference - type: bool - tag_reference_policy_type: - description: - - Type determines how the image pull spec should be transformed when the image - stream tag is used in deployment config triggers or new builds. The default - value is `Source`, indicating the original location of the image should be used - (if imported). The user may also specify `Local`, indicating that the pull spec - should point to the integrated Docker registry and leverage the registry's ability - to proxy the pull to an upstream registry. `Local` allows the credentials used - to pull this image to be managed from the image stream's namespace, so others - on the platform can access a remote image but have no access to the remote secret. - It also allows the image layers to be mirrored into the local registry which - the images can still be pulled even if the upstream registry is unavailable. - aliases: - - type - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_tag: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - conditions: - description: - - conditions is an array of conditions that apply to the image stream tag. - type: list - contains: - generation: - description: - - Generation is the spec tag generation that this status corresponds to - type: int - last_transition_time: - description: - - LastTransitionTIme is the time the condition transitioned from one status - to another. - type: complex - contains: {} - message: - description: - - Message is a human readable description of the details about last transition, - complementing reason. - type: str - reason: - description: - - Reason is a brief machine readable explanation for the condition's last - transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of tag event condition, currently only ImportSuccess - type: str - generation: - description: - - generation is the current generation of the tagged image - if tag is provided - and this value is not equal to the tag generation, a user has requested an - import that has not completed, or conditions will be filled out indicating - any error. - type: int - image: - description: - - image associated with the ImageStream and tag. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - lookup_policy: - description: - - lookupPolicy indicates whether this tag will handle image references in this - namespace. - type: complex - metadata: - description: - - Standard object's metadata. - type: complex - tag: - description: - - tag is the spec tag associated with this image stream tag, and it may be null - if only pushes have occurred to this image stream. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_tag', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_tag_list.py b/library/openshift_v1_image_stream_tag_list.py deleted file mode 100644 index 182c11df..00000000 --- a/library/openshift_v1_image_stream_tag_list.py +++ /dev/null @@ -1,212 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_tag_list -short_description: OpenShift ImageStreamTagList -description: -- Retrieve a list of image_stream_tags. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_tag_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of image stream tags - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - conditions: - description: - - conditions is an array of conditions that apply to the image stream tag. - type: list - contains: - generation: - description: - - Generation is the spec tag generation that this status corresponds - to - type: int - last_transition_time: - description: - - LastTransitionTIme is the time the condition transitioned from one - status to another. - type: complex - contains: {} - message: - description: - - Message is a human readable description of the details about last - transition, complementing reason. - type: str - reason: - description: - - Reason is a brief machine readable explanation for the condition's - last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of tag event condition, currently only ImportSuccess - type: str - generation: - description: - - generation is the current generation of the tagged image - if tag is provided - and this value is not equal to the tag generation, a user has requested - an import that has not completed, or conditions will be filled out indicating - any error. - type: int - image: - description: - - image associated with the ImageStream and tag. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - lookup_policy: - description: - - lookupPolicy indicates whether this tag will handle image references in - this namespace. - type: complex - metadata: - description: - - Standard object's metadata. - type: complex - tag: - description: - - tag is the spec tag associated with this image stream tag, and it may - be null if only pushes have occurred to this image stream. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_tag_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_net_namespace.py b/library/openshift_v1_net_namespace.py deleted file mode 100644 index 5169d535..00000000 --- a/library/openshift_v1_net_namespace.py +++ /dev/null @@ -1,191 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_net_namespace -short_description: OpenShift NetNamespace -description: -- Manage the lifecycle of a net_namespace object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - egress_i_ps: - description: - - EgressIPs is a list of reserved IPs that will be used as the source for external - traffic coming from pods in this namespace. (If empty, external traffic will - be masqueraded to Node IPs.) - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - netid: - description: - - NetID is the network identifier of the network namespace assigned to each overlay - network packet. This can be manipulated with the "oc adm pod-network" commands. - type: int - netname: - description: - - NetName is the name of the network namespace. (This is the same as the object's - name, but both fields must be set.) - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -net_namespace: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is a list of reserved IPs that will be used as the source for external - traffic coming from pods in this namespace. (If empty, external traffic will - be masqueraded to Node IPs.) - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - netid: - description: - - NetID is the network identifier of the network namespace assigned to each - overlay network packet. This can be manipulated with the "oc adm pod-network" - commands. - type: int - netname: - description: - - NetName is the name of the network namespace. (This is the same as the object's - name, but both fields must be set.) - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('net_namespace', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_net_namespace_list.py b/library/openshift_v1_net_namespace_list.py deleted file mode 100644 index 5bf9b834..00000000 --- a/library/openshift_v1_net_namespace_list.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_net_namespace_list -short_description: OpenShift NetNamespaceList -description: -- Retrieve a list of net_namespaces. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -net_namespace_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of net namespaces - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is a list of reserved IPs that will be used as the source for - external traffic coming from pods in this namespace. (If empty, external - traffic will be masqueraded to Node IPs.) - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - netid: - description: - - NetID is the network identifier of the network namespace assigned to each - overlay network packet. This can be manipulated with the "oc adm pod-network" - commands. - type: int - netname: - description: - - NetName is the name of the network namespace. (This is the same as the - object's name, but both fields must be set.) - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('net_namespace_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_access_token.py b/library/openshift_v1_o_auth_access_token.py deleted file mode 100644 index ed1d5a13..00000000 --- a/library/openshift_v1_o_auth_access_token.py +++ /dev/null @@ -1,229 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_access_token -short_description: OpenShift OAuthAccessToken -description: -- Manage the lifecycle of a o_auth_access_token object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - authorize_token: - description: - - AuthorizeToken contains the token that authorized this token - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - client_name: - description: - - ClientName references the client that created this token. - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - inactivity_timeout_seconds: - description: - - InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, - after which this token can no longer be used. The value is automatically incremented - when the token is used. - type: int - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - refresh_token: - description: - - RefreshToken is the value by which this token can be renewed. Can be blank. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_name: - description: - - UserName is the user name associated with this token - user_uid: - description: - - UserUID is the unique UID associated with this token - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_access_token: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - authorize_token: - description: - - AuthorizeToken contains the token that authorized this token - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - inactivity_timeout_seconds: - description: - - InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, - after which this token can no longer be used. The value is automatically incremented - when the token is used. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - refresh_token: - description: - - RefreshToken is the value by which this token can be renewed. Can be blank. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_access_token', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_access_token_list.py b/library/openshift_v1_o_auth_access_token_list.py deleted file mode 100644 index 2cc561be..00000000 --- a/library/openshift_v1_o_auth_access_token_list.py +++ /dev/null @@ -1,196 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_access_token_list -short_description: OpenShift OAuthAccessTokenList -description: -- Retrieve a list of o_auth_access_tokens. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_access_token_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth access tokens - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - authorize_token: - description: - - AuthorizeToken contains the token that authorized this token - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - inactivity_timeout_seconds: - description: - - InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, - after which this token can no longer be used. The value is automatically - incremented when the token is used. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - refresh_token: - description: - - RefreshToken is the value by which this token can be renewed. Can be blank. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_access_token_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_authorize_token.py b/library/openshift_v1_o_auth_authorize_token.py deleted file mode 100644 index c9452abd..00000000 --- a/library/openshift_v1_o_auth_authorize_token.py +++ /dev/null @@ -1,216 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_authorize_token -short_description: OpenShift OAuthAuthorizeToken -description: -- Manage the lifecycle of a o_auth_authorize_token object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - client_name: - description: - - ClientName references the client that created this token. - code_challenge: - description: - - CodeChallenge is the optional code_challenge associated with this authorization - code, as described in rfc7636 - code_challenge_method: - description: - - CodeChallengeMethod is the optional code_challenge_method associated with this - authorization code, as described in rfc7636 - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - State data from request - user_name: - description: - - UserName is the user name associated with this token - user_uid: - description: - - UserUID is the unique UID associated with this token. UserUID and UserName must - both match for this token to be valid. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_authorize_token: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - code_challenge: - description: - - CodeChallenge is the optional code_challenge associated with this authorization - code, as described in rfc7636 - type: str - code_challenge_method: - description: - - CodeChallengeMethod is the optional code_challenge_method associated with - this authorization code, as described in rfc7636 - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - state: - description: - - State data from request - type: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token. UserUID and UserName - must both match for this token to be valid. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_authorize_token', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_authorize_token_list.py b/library/openshift_v1_o_auth_authorize_token_list.py deleted file mode 100644 index 1fa25173..00000000 --- a/library/openshift_v1_o_auth_authorize_token_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_authorize_token_list -short_description: OpenShift OAuthAuthorizeTokenList -description: -- Retrieve a list of o_auth_authorize_tokens. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_authorize_token_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth authorization tokens - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - code_challenge: - description: - - CodeChallenge is the optional code_challenge associated with this authorization - code, as described in rfc7636 - type: str - code_challenge_method: - description: - - CodeChallengeMethod is the optional code_challenge_method associated with - this authorization code, as described in rfc7636 - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - state: - description: - - State data from request - type: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token. UserUID and UserName - must both match for this token to be valid. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_authorize_token_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client.py b/library/openshift_v1_o_auth_client.py deleted file mode 100644 index 1fe0f24f..00000000 --- a/library/openshift_v1_o_auth_client.py +++ /dev/null @@ -1,268 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client -short_description: OpenShift OAuthClient -description: -- Manage the lifecycle of a o_auth_client object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - access_token_inactivity_timeout_seconds: - description: - - 'AccessTokenInactivityTimeoutSeconds overrides the default token inactivity - timeout for tokens granted to this client. The value represents the maximum - amount of time that can occur between consecutive uses of the token. Tokens - become invalid if they are not used within this temporal window. The user will - need to acquire a new token to regain access once a token times out. This value - needs to be set only if the default set in configuration is not appropriate - for this client. Valid values are: - 0: Tokens for this client never time out - - X: Tokens time out if there is no activity for X seconds The current minimum - allowed value for X is 300 (5 minutes)' - type: int - access_token_max_age_seconds: - description: - - AccessTokenMaxAgeSeconds overrides the default access token max age for tokens - granted to this client. 0 means no expiration. - type: int - additional_secrets: - description: - - AdditionalSecrets holds other secrets that may be used to identify the client. - This is useful for rotation and for service account token validation - type: list - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - grant_method: - description: - - 'GrantMethod determines how to handle grants for this client. If no method is - provided, the cluster default grant handling method will be used. Valid grant - handling methods are: - auto: always approves grant requests, useful for trusted - clients - prompt: prompts the end user for approval of grant requests, useful - for third-party clients - deny: always denies grant requests, useful for black-listed - clients' - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - redirect_ur_is: - description: - - RedirectURIs is the valid redirection URIs associated with a client - type: list - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - respond_with_challenges: - description: - - RespondWithChallenges indicates whether the client wants authentication needed - responses made in the form of challenges instead of redirects - type: bool - scope_restrictions: - description: - - ScopeRestrictions describes which scopes this client can request. Each requested - scope is checked against each restriction. If any restriction matches, then - the scope is allowed. If no restriction matches, then the scope is denied. - type: list - secret: - description: - - Secret is the unique secret associated with a client - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client: - type: complex - returned: when I(state) = C(present) - contains: - access_token_inactivity_timeout_seconds: - description: - - 'AccessTokenInactivityTimeoutSeconds overrides the default token inactivity - timeout for tokens granted to this client. The value represents the maximum - amount of time that can occur between consecutive uses of the token. Tokens - become invalid if they are not used within this temporal window. The user - will need to acquire a new token to regain access once a token times out. - This value needs to be set only if the default set in configuration is not - appropriate for this client. Valid values are: - 0: Tokens for this client - never time out - X: Tokens time out if there is no activity for X seconds - The current minimum allowed value for X is 300 (5 minutes)' - type: int - access_token_max_age_seconds: - description: - - AccessTokenMaxAgeSeconds overrides the default access token max age for tokens - granted to this client. 0 means no expiration. - type: int - additional_secrets: - description: - - AdditionalSecrets holds other secrets that may be used to identify the client. - This is useful for rotation and for service account token validation - type: list - contains: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - grant_method: - description: - - 'GrantMethod determines how to handle grants for this client. If no method - is provided, the cluster default grant handling method will be used. Valid - grant handling methods are: - auto: always approves grant requests, useful - for trusted clients - prompt: prompts the end user for approval of grant requests, - useful for third-party clients - deny: always denies grant requests, useful - for black-listed clients' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_ur_is: - description: - - RedirectURIs is the valid redirection URIs associated with a client - type: list - contains: str - respond_with_challenges: - description: - - RespondWithChallenges indicates whether the client wants authentication needed - responses made in the form of challenges instead of redirects - type: bool - scope_restrictions: - description: - - ScopeRestrictions describes which scopes this client can request. Each requested - scope is checked against each restriction. If any restriction matches, then - the scope is allowed. If no restriction matches, then the scope is denied. - type: list - contains: - cluster_role: - description: - - ClusterRole describes a set of restrictions for cluster role scoping. - type: complex - literals: - description: - - ExactValues means the scope has to match a particular set of strings exactly - type: list - contains: str - secret: - description: - - Secret is the unique secret associated with a client - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client_authorization.py b/library/openshift_v1_o_auth_client_authorization.py deleted file mode 100644 index 41baccb6..00000000 --- a/library/openshift_v1_o_auth_client_authorization.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client_authorization -short_description: OpenShift OAuthClientAuthorization -description: -- Manage the lifecycle of a o_auth_client_authorization object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - client_name: - description: - - ClientName references the client that created this authorization - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - scopes: - description: - - Scopes is an array of the granted scopes. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_name: - description: - - UserName is the user name that authorized this client - user_uid: - description: - - UserUID is the unique UID associated with this authorization. UserUID and UserName - must both match for this authorization to be valid. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client_authorization: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this authorization - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - scopes: - description: - - Scopes is an array of the granted scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name that authorized this client - type: str - user_uid: - description: - - UserUID is the unique UID associated with this authorization. UserUID and - UserName must both match for this authorization to be valid. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client_authorization', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client_authorization_list.py b/library/openshift_v1_o_auth_client_authorization_list.py deleted file mode 100644 index 755a729a..00000000 --- a/library/openshift_v1_o_auth_client_authorization_list.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client_authorization_list -short_description: OpenShift OAuthClientAuthorizationList -description: -- Retrieve a list of o_auth_client_authorizations. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client_authorization_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth client authorizations - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this authorization - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - scopes: - description: - - Scopes is an array of the granted scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name that authorized this client - type: str - user_uid: - description: - - UserUID is the unique UID associated with this authorization. UserUID - and UserName must both match for this authorization to be valid. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client_authorization_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client_list.py b/library/openshift_v1_o_auth_client_list.py deleted file mode 100644 index d6737685..00000000 --- a/library/openshift_v1_o_auth_client_list.py +++ /dev/null @@ -1,221 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client_list -short_description: OpenShift OAuthClientList -description: -- Retrieve a list of o_auth_clients. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth clients - type: list - contains: - access_token_inactivity_timeout_seconds: - description: - - 'AccessTokenInactivityTimeoutSeconds overrides the default token inactivity - timeout for tokens granted to this client. The value represents the maximum - amount of time that can occur between consecutive uses of the token. Tokens - become invalid if they are not used within this temporal window. The user - will need to acquire a new token to regain access once a token times out. - This value needs to be set only if the default set in configuration is - not appropriate for this client. Valid values are: - 0: Tokens for this - client never time out - X: Tokens time out if there is no activity for - X seconds The current minimum allowed value for X is 300 (5 minutes)' - type: int - access_token_max_age_seconds: - description: - - AccessTokenMaxAgeSeconds overrides the default access token max age for - tokens granted to this client. 0 means no expiration. - type: int - additional_secrets: - description: - - AdditionalSecrets holds other secrets that may be used to identify the - client. This is useful for rotation and for service account token validation - type: list - contains: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - grant_method: - description: - - 'GrantMethod determines how to handle grants for this client. If no method - is provided, the cluster default grant handling method will be used. Valid - grant handling methods are: - auto: always approves grant requests, useful - for trusted clients - prompt: prompts the end user for approval of grant - requests, useful for third-party clients - deny: always denies grant requests, - useful for black-listed clients' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_ur_is: - description: - - RedirectURIs is the valid redirection URIs associated with a client - type: list - contains: str - respond_with_challenges: - description: - - RespondWithChallenges indicates whether the client wants authentication - needed responses made in the form of challenges instead of redirects - type: bool - scope_restrictions: - description: - - ScopeRestrictions describes which scopes this client can request. Each - requested scope is checked against each restriction. If any restriction - matches, then the scope is allowed. If no restriction matches, then the - scope is denied. - type: list - contains: - cluster_role: - description: - - ClusterRole describes a set of restrictions for cluster role scoping. - type: complex - literals: - description: - - ExactValues means the scope has to match a particular set of strings - exactly - type: list - contains: str - secret: - description: - - Secret is the unique secret associated with a client - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_pod_security_policy_review.py b/library/openshift_v1_pod_security_policy_review.py deleted file mode 100644 index dc9f26bd..00000000 --- a/library/openshift_v1_pod_security_policy_review.py +++ /dev/null @@ -1,446 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_pod_security_policy_review -short_description: OpenShift PodSecurityPolicyReview -description: -- Manage the lifecycle of a pod_security_policy_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_service_account_names: - description: - - serviceAccountNames is an optional set of ServiceAccounts to run the check with. - If serviceAccountNames is empty, the template.spec.serviceAccountName is used, - unless it's empty, in which case "default" is used instead. If serviceAccountNames - is specified, template.spec.serviceAccountName is ignored. - aliases: - - service_account_names - type: list - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - spec is the PodSecurityPolicy to check. - type: complex - status: - description: - - status represents the current information/status for the PodSecurityPolicyReview. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('pod_security_policy_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_pod_security_policy_self_subject_review.py b/library/openshift_v1_pod_security_policy_self_subject_review.py deleted file mode 100644 index 492bf0e6..00000000 --- a/library/openshift_v1_pod_security_policy_self_subject_review.py +++ /dev/null @@ -1,437 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_pod_security_policy_self_subject_review -short_description: OpenShift PodSecurityPolicySelfSubjectReview -description: -- Manage the lifecycle of a pod_security_policy_self_subject_review object. Supports - check mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_self_subject_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - spec defines specification the PodSecurityPolicySelfSubjectReview. - type: complex - status: - description: - - status represents the current information/status for the PodSecurityPolicySelfSubjectReview. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('pod_security_policy_self_subject_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_pod_security_policy_subject_review.py b/library/openshift_v1_pod_security_policy_subject_review.py deleted file mode 100644 index a6563aa4..00000000 --- a/library/openshift_v1_pod_security_policy_subject_review.py +++ /dev/null @@ -1,451 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_pod_security_policy_subject_review -short_description: OpenShift PodSecurityPolicySubjectReview -description: -- Manage the lifecycle of a pod_security_policy_subject_review object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_groups: - description: - - groups is the groups you're testing for. - aliases: - - groups - type: list - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_user: - description: - - user is the user you're testing for. If you specify "user" but not "group", - then is it interpreted as "What if user were not a member of any groups. If - user and groups are empty, then the check is performed using *only* the serviceAccountName - in the template. - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_subject_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - spec defines specification for the PodSecurityPolicySubjectReview. - type: complex - status: - description: - - status represents the current information/status for the PodSecurityPolicySubjectReview. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('pod_security_policy_subject_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_project.py b/library/openshift_v1_project.py deleted file mode 100644 index 1ad523f1..00000000 --- a/library/openshift_v1_project.py +++ /dev/null @@ -1,188 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_project -short_description: OpenShift Project -description: -- Manage the lifecycle of a project object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - description: - description: - - Provides a brief overview or narrative for the project. - display_name: - description: - - Provides a descriptive name for the project. - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_finalizers: - description: - - Finalizers is an opaque list of values that must be empty to permanently remove - object from storage - aliases: - - finalizers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -- name: Create project - openshift_v1_project.yml: - name: example - state: present - -- name: Remove project - openshift_v1_project.yml: - name: example - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -project: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('project', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_project_list.py b/library/openshift_v1_project_list.py deleted file mode 100644 index 5b3c1c07..00000000 --- a/library/openshift_v1_project_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_project_list -short_description: OpenShift ProjectList -description: -- Retrieve a list of projects. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -project_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of projects - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('project_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_replica_set.py b/library/openshift_v1_replica_set.py deleted file mode 100644 index 3d3f48f6..00000000 --- a/library/openshift_v1_replica_set.py +++ /dev/null @@ -1,521 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_replica_set -short_description: OpenShift ReplicaSet -description: -- Manage the lifecycle of a replica_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the same - as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data may - be out of date by some window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('replica_set', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_replica_set_list.py b/library/openshift_v1_replica_set_list.py deleted file mode 100644 index af37202c..00000000 --- a/library/openshift_v1_replica_set_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_replica_set_list -short_description: OpenShift ReplicaSetList -description: -- Retrieve a list of replica_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ReplicaSets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the - same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data - may be out of date by some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('replica_set_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role.py b/library/openshift_v1_role.py deleted file mode 100644 index 7d3b5575..00000000 --- a/library/openshift_v1_role.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role -short_description: OpenShift Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - this field is empty, then both kubernetes and origin API groups are assumed. - That means that if an action is requested against one of the enumerated - resources in either the kubernetes or the origin API group, the request - will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle the - AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the path - This name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding.py b/library/openshift_v1_role_binding.py deleted file mode 100644 index 5029d7a7..00000000 --- a/library/openshift_v1_role_binding.py +++ /dev/null @@ -1,281 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding -short_description: OpenShift RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_version: - description: - - API version of the referent. - aliases: - - api_version - role_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - role_ref_kind: - description: - - Kind of the referent. - aliases: - - kind - role_ref_name: - description: - - Name of the referent. - role_ref_namespace: - description: - - Namespace of the referent. - role_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - role_ref_uid: - description: - - UID of the referent. - aliases: - - uid - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is ignored - if UserNames or GroupNames are specified to support legacy clients and servers. - Thus newer clients that do not need to support backwards compatibility should - send only fully qualified Subjects and should omit the UserNames and GroupNames - fields. Clients that need to support backwards compatibility can use this field - to build the UserNames and GroupNames. - type: list - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the RoleRef cannot be resolved, the Authorizer must return an error. Since - Policy is a singleton, this is sufficient knowledge to locate a role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is - ignored if UserNames or GroupNames are specified to support legacy clients - and servers. Thus newer clients that do not need to support backwards compatibility - should send only fully qualified Subjects and should omit the UserNames and - GroupNames fields. Clients that need to support backwards compatibility can - use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this - string should contain a valid JSON/Go field access statement, such as - desiredState.manifest.containers[2]. For example, if the object reference - is to a container within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding_list.py b/library/openshift_v1_role_binding_list.py deleted file mode 100644 index 64a4c42f..00000000 --- a/library/openshift_v1_role_binding_list.py +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding_list -short_description: OpenShift RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the RoleRef cannot be resolved, the Authorizer must return an error. - Since Policy is a singleton, this is sufficient knowledge to locate a - role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field - is ignored if UserNames or GroupNames are specified to support legacy - clients and servers. Thus newer clients that do not need to support backwards - compatibility should send only fully qualified Subjects and should omit - the UserNames and GroupNames fields. Clients that need to support backwards - compatibility can use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, - this string should contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For example, if the object - reference is to a container within a pod, this would take on a value - like: "spec.containers{name}" (where "name" refers to the name of - the container that triggered the event) or if no container name is - specified "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way of referencing - a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding_restriction.py b/library/openshift_v1_role_binding_restriction.py deleted file mode 100644 index 1f9746b0..00000000 --- a/library/openshift_v1_role_binding_restriction.py +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding_restriction -short_description: OpenShift RoleBindingRestriction -description: -- Manage the lifecycle of a role_binding_restriction object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_grouprestriction_groups: - description: - - Groups is a list of groups used to match against an individual user's groups. - If the user is a member of one of the whitelisted groups, the user is allowed - to be bound to a role. - aliases: - - grouprestriction_groups - type: list - spec_grouprestriction_labels: - description: - - Selectors specifies a list of label selectors over group labels. - aliases: - - grouprestriction_labels - type: list - spec_serviceaccountrestriction_namespaces: - description: - - Namespaces specifies a list of literal namespace names. - aliases: - - serviceaccountrestriction_namespaces - type: list - spec_serviceaccountrestriction_serviceaccounts: - description: - - ServiceAccounts specifies a list of literal service-account names. - aliases: - - serviceaccountrestriction_serviceaccounts - type: list - spec_userrestriction_groups: - description: - - Groups specifies a list of literal group names. - aliases: - - userrestriction_groups - type: list - spec_userrestriction_labels: - description: - - Selectors specifies a list of label selectors over user labels. - aliases: - - userrestriction_labels - type: list - spec_userrestriction_users: - description: - - Users specifies a list of literal user names. - aliases: - - userrestriction_users - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_restriction: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the matcher. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding_restriction', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding_restriction_list.py b/library/openshift_v1_role_binding_restriction_list.py deleted file mode 100644 index ff0d5aa4..00000000 --- a/library/openshift_v1_role_binding_restriction_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding_restriction_list -short_description: OpenShift RoleBindingRestrictionList -description: -- Retrieve a list of role_binding_restrictions. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_restriction_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindingRestriction objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the matcher. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding_restriction_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_list.py b/library/openshift_v1_role_list.py deleted file mode 100644 index eaba63d0..00000000 --- a/library/openshift_v1_role_list.py +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_list -short_description: OpenShift RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If this field is empty, then both kubernetes and origin API groups - are assumed. That means that if an action is requested against one - of the enumerated resources in either the kubernetes or the origin - API group, the request will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle - the AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the - path This name is intentionally different than the internal type so - that the DefaultConvert works nicely and because the ordering may - be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_route.py b/library/openshift_v1_route.py deleted file mode 100644 index 9fd5ac94..00000000 --- a/library/openshift_v1_route.py +++ /dev/null @@ -1,304 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_route -short_description: OpenShift Route -description: -- Manage the lifecycle of a route object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_alternate_backends: - description: - - alternateBackends allows up to 3 additional backends to be assigned to the route. - Only the Service kind is allowed, and it will be defaulted to Service. Use the - weight field in RouteTargetReference object to specify relative preference. - aliases: - - alternate_backends - type: list - spec_host: - description: - - host is an alias/DNS that points to the service. Optional. If not specified - a route name will typically be automatically chosen. Must follow DNS952 subdomain - conventions. - spec_path: - description: - - Path that the router watches for, to route traffic for to the service. Optional - aliases: - - path - spec_port_target_port: - description: - - The target port on pods selected by the service this route points to. If this - is a string, it will be looked up as a named port in the target endpoints port - list. Required - aliases: - - port_target_port - type: object - spec_tls_ca_certificate: - description: - - caCertificate provides the cert authority certificate contents - aliases: - - tls_ca_certificate - spec_tls_certificate: - description: - - certificate provides certificate contents - aliases: - - tls_certificate - spec_tls_destination_ca_certificate: - description: - - destinationCACertificate provides the contents of the ca certificate of the - final destination. When using reencrypt termination this file should be provided - in order to have routers use it for health checks on the secure connection. - If this field is not specified, the router may provide its own destination CA - and perform hostname validation using the short service name (service.namespace.svc), - which allows infrastructure generated certificates to automatically verify. - aliases: - - tls_destination_ca_certificate - spec_tls_insecure_edge_termination_policy: - description: - - insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections - to a route. While each router may make its own decisions on which ports to expose, - this is normally port 80. * Allow - traffic is sent to the server on the insecure - port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - - clients are redirected to the secure port. - aliases: - - tls_insecure_edge_termination_policy - spec_tls_key: - description: - - key provides key file contents - aliases: - - tls_key - spec_tls_termination: - description: - - termination indicates termination type. - aliases: - - tls_termination - spec_to_kind: - description: - - The kind of target that the route is referring to. Currently, only 'Service' - is allowed - aliases: - - to_kind - spec_to_name: - description: - - name of the service/target that is being referred to. e.g. name of the service - aliases: - - to_name - spec_to_weight: - description: - - weight as an integer between 0 and 256, default 1, that specifies the target's - relative weight against other target reference objects. 0 suppresses requests - to this backend. - aliases: - - to_weight - type: int - spec_wildcard_policy: - description: - - Wildcard policy if any for the route. Currently only 'Subdomain' or 'None' is - allowed. - aliases: - - wildcard_policy - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -- name: Create route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: present - host: www.example.com - spec_to_kind: Service - spec_to_name: service-name - tls_termination: edge - tls_key: |- - -----BEGIN PRIVATE KEY----- - key_file_contents - -----END PRIVATE KEY----- - tls_certificate: |- - -----BEGIN CERTIFICATE----- - certificate contents - -----END CERTIFICATE----- - tls_ca_certificate: |- - -----BEGIN CERTIFICATE----- - ca_certificate_contents - -----END CERTIFICATE----- - -- name: Patch route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: present - host: www.example.com - tls_termination: reencrypt - spec_to_kind: Service - spec_to_name: other-service-name - -- name: Replace route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: replaced - host: www.example.com - path: /foo/bar/baz.html - spec_to_kind: Service - spec_to_name: whimsy-name - tls_termination: edge - -- name: Remove route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -route: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec is the desired state of the route - type: complex - status: - description: - - status is the current state of the route - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('route', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_route_list.py b/library/openshift_v1_route_list.py deleted file mode 100644 index 3e6ae269..00000000 --- a/library/openshift_v1_route_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_route_list -short_description: OpenShift RouteList -description: -- Retrieve a list of routes. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -route_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of routes - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec is the desired state of the route - type: complex - status: - description: - - status is the current state of the route - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('route_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_security_context_constraints.py b/library/openshift_v1_security_context_constraints.py deleted file mode 100644 index 48b94687..00000000 --- a/library/openshift_v1_security_context_constraints.py +++ /dev/null @@ -1,434 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_security_context_constraints -short_description: OpenShift SecurityContextConstraints -description: -- Manage the lifecycle of a security_context_constraints object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - allow_host_dir_volume_plugin: - description: - - AllowHostDirVolumePlugin determines if the policy allow containers to use the - HostDir volume plugin - type: bool - allow_host_ipc: - description: - - AllowHostIPC determines if the policy allows host ipc in the containers. - type: bool - allow_host_network: - description: - - AllowHostNetwork determines if the policy allows the use of HostNetwork in the - pod spec. - type: bool - allow_host_pid: - description: - - AllowHostPID determines if the policy allows host pid in the containers. - type: bool - allow_host_ports: - description: - - AllowHostPorts determines if the policy allows host ports in the containers. - type: bool - allow_privileged_container: - description: - - AllowPrivilegedContainer determines if a container can request to be run as - privileged. - type: bool - allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to add to - the container. Capabilities in this field maybe added at the pod author's discretion. - You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. - To allow all capabilities you may use '*'. - type: list - allowed_flex_volumes: - description: - - AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates - that all Flexvolumes may be used. This parameter is effective only when the - usage of the Flexvolumes is allowed in the "Volumes" field. - type: list - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be added - to the container unless the pod spec specifically drops the capability. You - may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - fs_group_ranges: - description: - - Ranges are the allowed ranges of fs groups. If you would like to force a single - fs group then supply a single range with the same start and end. - aliases: - - ranges - type: list - fs_group_type: - description: - - Type is the strategy that will dictate what FSGroup is used in the SecurityContext. - aliases: - - type - groups: - description: - - The groups that have permission to use this security context constraints - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - priority: - description: - - Priority influences the sort order of SCCs when evaluating which SCCs to try - first for a given pod request based on access in the Users and Groups fields. - The higher the int, the higher priority. An unset value is considered a 0 priority. - If scores for multiple SCCs are equal they will be sorted from most restrictive - to least restrictive. If both priorities and restrictions are equal the SCCs - will be sorted by name. - type: int - read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with a - read only root file system. If the container specifically requests to run with - a non-read only root file system the SCC should deny the pod. If set to false - the container may run with a read only root file system if it wishes but it - will not be forced to. - type: bool - required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from the - container. These are required to be dropped and cannot be added. - type: list - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - run_as_user_type: - description: - - Type is the strategy that will dictate what RunAsUser is used in the SecurityContext. - run_as_user_uid: - description: - - UID is the user id that containers must run as. Required for the MustRunAs strategy - if not using namespace/service account allocated uids. - aliases: - - uid - type: int - run_as_user_uid_range_max: - description: - - UIDRangeMax defines the max value for a strategy that allocates by range. - aliases: - - uid_range_max - type: int - run_as_user_uid_range_min: - description: - - UIDRangeMin defines the min value for a strategy that allocates by range. - aliases: - - uid_range_min - type: int - se_linux_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - level - se_linux_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - role - se_linux_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - se_linux_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - user - se_linux_context_type: - description: - - Type is the strategy that will dictate what SELinux context is used in the SecurityContext. - seccomp_profiles: - description: - - SeccompProfiles lists the allowed profiles that may be set for the pod or container's - seccomp annotations. An unset (nil) or empty value means that no profiles may - be specifid by the pod or container. The wildcard '*' may be used to allow all - profiles. When used to generate a value for a pod the first non-wildcard profile - will be used as the default. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - supplemental_groups_ranges: - description: - - Ranges are the allowed ranges of supplemental groups. If you would like to force - a single supplemental group then supply a single range with the same start and - end. - type: list - supplemental_groups_type: - description: - - Type is the strategy that will dictate what supplemental groups is used in the - SecurityContext. - username: - description: - - Provide a username for connecting to the API. - users: - description: - - The users who have permissions to use this security context constraints - type: list - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool - volumes: - description: - - Volumes is a white list of allowed volume plugins. FSType corresponds directly - with the field names of a VolumeSource (azureFile, configMap, emptyDir). To - allow all volumes you may use "*". To allow no volumes, set to ["none"]. - type: list -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -security_context_constraints: - type: complex - returned: when I(state) = C(present) - contains: - allow_host_dir_volume_plugin: - description: - - AllowHostDirVolumePlugin determines if the policy allow containers to use - the HostDir volume plugin - type: bool - allow_host_ipc: - description: - - AllowHostIPC determines if the policy allows host ipc in the containers. - type: bool - allow_host_network: - description: - - AllowHostNetwork determines if the policy allows the use of HostNetwork in - the pod spec. - type: bool - allow_host_pid: - description: - - AllowHostPID determines if the policy allows host pid in the containers. - type: bool - allow_host_ports: - description: - - AllowHostPorts determines if the policy allows host ports in the containers. - type: bool - allow_privileged_container: - description: - - AllowPrivilegedContainer determines if a container can request to be run as - privileged. - type: bool - allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to add - to the container. Capabilities in this field maybe added at the pod author's - discretion. You must not list a capability in both AllowedCapabilities and - RequiredDropCapabilities. To allow all capabilities you may use '*'. - type: list - contains: str - allowed_flex_volumes: - description: - - AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates - that all Flexvolumes may be used. This parameter is effective only when the - usage of the Flexvolumes is allowed in the "Volumes" field. - type: list - contains: - driver: - description: - - Driver is the name of the Flexvolume driver. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be added - to the container unless the pod spec specifically drops the capability. You - may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - type: list - contains: str - fs_group: - description: - - FSGroup is the strategy that will dictate what fs group is used by the SecurityContext. - type: complex - groups: - description: - - The groups that have permission to use this security context constraints - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - priority: - description: - - Priority influences the sort order of SCCs when evaluating which SCCs to try - first for a given pod request based on access in the Users and Groups fields. - The higher the int, the higher priority. An unset value is considered a 0 - priority. If scores for multiple SCCs are equal they will be sorted from most - restrictive to least restrictive. If both priorities and restrictions are - equal the SCCs will be sorted by name. - type: int - read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with - a read only root file system. If the container specifically requests to run - with a non-read only root file system the SCC should deny the pod. If set - to false the container may run with a read only root file system if it wishes - but it will not be forced to. - type: bool - required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from the - container. These are required to be dropped and cannot be added. - type: list - contains: str - run_as_user: - description: - - RunAsUser is the strategy that will dictate what RunAsUser is used in the - SecurityContext. - type: complex - se_linux_context: - description: - - SELinuxContext is the strategy that will dictate what labels will be set in - the SecurityContext. - type: complex - seccomp_profiles: - description: - - SeccompProfiles lists the allowed profiles that may be set for the pod or - container's seccomp annotations. An unset (nil) or empty value means that - no profiles may be specifid by the pod or container. The wildcard '*' may - be used to allow all profiles. When used to generate a value for a pod the - first non-wildcard profile will be used as the default. - type: list - contains: str - supplemental_groups: - description: - - SupplementalGroups is the strategy that will dictate what supplemental groups - are used by the SecurityContext. - type: complex - users: - description: - - The users who have permissions to use this security context constraints - type: list - contains: str - volumes: - description: - - Volumes is a white list of allowed volume plugins. FSType corresponds directly - with the field names of a VolumeSource (azureFile, configMap, emptyDir). To - allow all volumes you may use "*". To allow no volumes, set to ["none"]. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('security_context_constraints', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_security_context_constraints_list.py b/library/openshift_v1_security_context_constraints_list.py deleted file mode 100644 index d2341f1d..00000000 --- a/library/openshift_v1_security_context_constraints_list.py +++ /dev/null @@ -1,280 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_security_context_constraints_list -short_description: OpenShift SecurityContextConstraintsList -description: -- Retrieve a list of security_context_constraints. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -security_context_constraints_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of security context constraints. - type: list - contains: - allow_host_dir_volume_plugin: - description: - - AllowHostDirVolumePlugin determines if the policy allow containers to - use the HostDir volume plugin - type: bool - allow_host_ipc: - description: - - AllowHostIPC determines if the policy allows host ipc in the containers. - type: bool - allow_host_network: - description: - - AllowHostNetwork determines if the policy allows the use of HostNetwork - in the pod spec. - type: bool - allow_host_pid: - description: - - AllowHostPID determines if the policy allows host pid in the containers. - type: bool - allow_host_ports: - description: - - AllowHostPorts determines if the policy allows host ports in the containers. - type: bool - allow_privileged_container: - description: - - AllowPrivilegedContainer determines if a container can request to be run - as privileged. - type: bool - allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to - add to the container. Capabilities in this field maybe added at the pod - author's discretion. You must not list a capability in both AllowedCapabilities - and RequiredDropCapabilities. To allow all capabilities you may use '*'. - type: list - contains: str - allowed_flex_volumes: - description: - - AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil - indicates that all Flexvolumes may be used. This parameter is effective - only when the usage of the Flexvolumes is allowed in the "Volumes" field. - type: list - contains: - driver: - description: - - Driver is the name of the Flexvolume driver. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be - added to the container unless the pod spec specifically drops the capability. - You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - type: list - contains: str - fs_group: - description: - - FSGroup is the strategy that will dictate what fs group is used by the - SecurityContext. - type: complex - groups: - description: - - The groups that have permission to use this security context constraints - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - priority: - description: - - Priority influences the sort order of SCCs when evaluating which SCCs - to try first for a given pod request based on access in the Users and - Groups fields. The higher the int, the higher priority. An unset value - is considered a 0 priority. If scores for multiple SCCs are equal they - will be sorted from most restrictive to least restrictive. If both priorities - and restrictions are equal the SCCs will be sorted by name. - type: int - read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with - a read only root file system. If the container specifically requests to - run with a non-read only root file system the SCC should deny the pod. - If set to false the container may run with a read only root file system - if it wishes but it will not be forced to. - type: bool - required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from - the container. These are required to be dropped and cannot be added. - type: list - contains: str - run_as_user: - description: - - RunAsUser is the strategy that will dictate what RunAsUser is used in - the SecurityContext. - type: complex - se_linux_context: - description: - - SELinuxContext is the strategy that will dictate what labels will be set - in the SecurityContext. - type: complex - seccomp_profiles: - description: - - SeccompProfiles lists the allowed profiles that may be set for the pod - or container's seccomp annotations. An unset (nil) or empty value means - that no profiles may be specifid by the pod or container. The wildcard - '*' may be used to allow all profiles. When used to generate a value for - a pod the first non-wildcard profile will be used as the default. - type: list - contains: str - supplemental_groups: - description: - - SupplementalGroups is the strategy that will dictate what supplemental - groups are used by the SecurityContext. - type: complex - users: - description: - - The users who have permissions to use this security context constraints - type: list - contains: str - volumes: - description: - - Volumes is a white list of allowed volume plugins. FSType corresponds - directly with the field names of a VolumeSource (azureFile, configMap, - emptyDir). To allow all volumes you may use "*". To allow no volumes, - set to ["none"]. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('security_context_constraints_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_self_subject_rules_review.py b/library/openshift_v1_self_subject_rules_review.py deleted file mode 100644 index d0532ea4..00000000 --- a/library/openshift_v1_self_subject_rules_review.py +++ /dev/null @@ -1,122 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_self_subject_rules_review -short_description: OpenShift SelfSubjectRulesReview -description: -- Manage the lifecycle of a self_subject_rules_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_scopes: - description: - - Scopes to use for the evaluation. Empty means "use the unscoped (full) permissions - of the user/groups". Nil means "use the scopes on this request". - aliases: - - scopes - type: list - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - Spec adds information about how to conduct the check - type: complex - status: - description: - - Status is completed by the server to tell which permissions you have - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('self_subject_rules_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_stateful_set.py b/library/openshift_v1_stateful_set.py deleted file mode 100644 index 4748f5a9..00000000 --- a/library/openshift_v1_stateful_set.py +++ /dev/null @@ -1,564 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_stateful_set -short_description: OpenShift StatefulSet -description: -- Manage the lifecycle of a stateful_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_pod_management_policy: - description: - - podManagementPolicy controls how pods are created during initial scale up, when - replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, - where pods are created in increasing order (pod-0, then pod-1, etc) and the - controller will wait until each pod is ready before continuing. When scaling - down, the pods are removed in the opposite order. The alternative policy is - `Parallel` which will create pods in parallel to match the desired scale without - waiting, and on scale down will delete all pods at once. - aliases: - - pod_management_policy - spec_replicas: - description: - - replicas is the desired number of replicas of the given Template. These are - replicas in the sense that they are instantiations of the same Template, but - individual replicas also have a consistent identity. If unspecified, defaults - to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - revisionHistoryLimit is the maximum number of revisions that will be maintained - in the StatefulSet's revision history. The revision history consists of all - revisions not represented by a currently applied StatefulSetSpec version. The - default value is 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_service_name: - description: - - 'serviceName is the name of the service that governs this StatefulSet. This - service must exist before the StatefulSet, and is responsible for the network - identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local - where "pod-specific-string" is managed by the StatefulSet controller.' - aliases: - - service_name - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_partition: - description: - - Partition indicates the ordinal at which the StatefulSet should be partitioned. - Default value is 0. - aliases: - - update_strategy_rolling_update_partition - type: int - spec_update_strategy_type: - description: - - Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. - aliases: - - update_strategy_type - spec_volume_claim_templates: - description: - - volumeClaimTemplates is a list of claims that pods are allowed to reference. - The StatefulSet controller is responsible for mapping network identities to - claims in a way that maintains the identity of a pod. Every claim in this list - must have at least one matching (by name) volumeMount in one container in the - template. A claim in this list takes precedence over any volumes in the template, - with the same name. - aliases: - - volume_claim_templates - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may be - out of date by some window of time. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('stateful_set', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_stateful_set_list.py b/library/openshift_v1_stateful_set_list.py deleted file mode 100644 index 786b233e..00000000 --- a/library/openshift_v1_stateful_set_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_stateful_set_list -short_description: OpenShift StatefulSetList -description: -- Retrieve a list of stateful_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may - be out of date by some window of time. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('stateful_set_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_subject_rules_review.py b/library/openshift_v1_subject_rules_review.py deleted file mode 100644 index 560dc3b1..00000000 --- a/library/openshift_v1_subject_rules_review.py +++ /dev/null @@ -1,134 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_subject_rules_review -short_description: OpenShift SubjectRulesReview -description: -- Manage the lifecycle of a subject_rules_review object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_groups: - description: - - Groups is optional. Groups is the list of groups to which the User belongs. - At least one of User and Groups must be specified. - aliases: - - groups - type: list - spec_scopes: - description: - - Scopes to use for the evaluation. Empty means "use the unscoped (full) permissions - of the user/groups". - aliases: - - scopes - type: list - spec_user: - description: - - User is optional. At least one of User and Groups must be specified. - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - Spec adds information about how to conduct the check - type: complex - status: - description: - - Status is completed by the server to tell which permissions you have - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('subject_rules_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template.py b/library/openshift_v1_template.py deleted file mode 100644 index 8fdd2d0b..00000000 --- a/library/openshift_v1_template.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template -short_description: OpenShift Template -description: -- Manage the lifecycle of a template object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - message: - description: - - message is an optional instructional message that will be displayed when this - template is instantiated. This field should inform the user how to utilize the - newly created resources. Parameter substitution will be performed on the message - before being displayed so that generated credentials and other parameters can - be included in the output. - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, the - resolved value after parameter substitution will be respected and the object - will be created in that namespace. - type: list - parameters: - description: - - parameters is an optional array of Parameters used during the Template to Config - transformation. - type: list - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - labels: - description: - - labels is a optional set of labels that are applied to every object during - the Template to Config transformation. - type: complex - contains: str, str - message: - description: - - message is an optional instructional message that will be displayed when this - template is instantiated. This field should inform the user how to utilize - the newly created resources. Parameter substitution will be performed on the - message before being displayed so that generated credentials and other parameters - can be included in the output. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, - the resolved value after parameter substitution will be respected and the - object will be created in that namespace. - type: list - contains: - raw: - description: - - Raw is the underlying serialization of this object. - type: str - parameters: - description: - - parameters is an optional array of Parameters used during the Template to - Config transformation. - type: list - contains: - from: - description: - - From is an input value for the generator. Optional. - type: str - description: - description: - - Description of a parameter. Optional. - type: str - display_name: - description: - - "Optional: The name that will show in UI instead of parameter 'Name'" - type: str - generate: - description: - - 'generate specifies the generator to be used to generate random string - from an input value specified by From field. The result string is stored - into Value field. If empty, no generator is being used, leaving the result - Value untouched. Optional. The only supported generator is "expression", - which accepts a "from" value in the form of a simple regular expression - containing the range expression "[a-zA-Z0-9]", and the length expression - "a{length}". Examples: from | value ----------------------------- "test[0-9]{1}x" - | "test7x" "[0-1]{8}" | "01001100" "0x[A-F0-9]{4}" | "0xB3AF" "[a-zA-Z0-9]{8}" - | "hW4yQU5i"' - type: str - name: - description: - - Name must be set and it can be referenced in Template Items using ${PARAMETER_NAME}. - Required. - type: str - required: - description: - - 'Optional: Indicates the parameter must have a value. Defaults to false.' - type: bool - value: - description: - - Value holds the Parameter data. If specified, the generator will be ignored. - The value replaces all occurrences of the Parameter ${Name} expression - during the Template to Config transformation. Optional. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template_instance.py b/library/openshift_v1_template_instance.py deleted file mode 100644 index f87a3c3f..00000000 --- a/library/openshift_v1_template_instance.py +++ /dev/null @@ -1,263 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template_instance -short_description: OpenShift TemplateInstance -description: -- Manage the lifecycle of a template_instance object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_requester_extra: - description: - - extra holds additional information provided by the authenticator. - aliases: - - requester_extra - type: dict - spec_requester_groups: - description: - - groups represent the groups this user is a part of. - aliases: - - requester_groups - type: list - spec_requester_uid: - description: - - uid is a unique value that identifies this user across time; if this user is - deleted and another user by the same name is added, they will have different - UIDs. - aliases: - - requester_uid - spec_requester_username: - description: - - username uniquely identifies this user among all active users. - aliases: - - requester_username - spec_secret_name: - description: - - Name of the referent. - aliases: - - secret_name - spec_template_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - spec_template_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - spec_template_labels: - description: - - labels is a optional set of labels that are applied to every object during the - Template to Config transformation. - type: dict - spec_template_message: - description: - - message is an optional instructional message that will be displayed when this - template is instantiated. This field should inform the user how to utilize the - newly created resources. Parameter substitution will be performed on the message - before being displayed so that generated credentials and other parameters can - be included in the output. - aliases: - - message - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, the - resolved value after parameter substitution will be respected and the object - will be created in that namespace. - aliases: - - objects - type: list - spec_template_parameters: - description: - - parameters is an optional array of Parameters used during the Template to Config - transformation. - aliases: - - parameters - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template_instance: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the desired state of this TemplateInstance. - type: complex - status: - description: - - status describes the current state of this TemplateInstance. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template_instance', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template_instance_list.py b/library/openshift_v1_template_instance_list.py deleted file mode 100644 index 28a7f136..00000000 --- a/library/openshift_v1_template_instance_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template_instance_list -short_description: OpenShift TemplateInstanceList -description: -- Retrieve a list of template_instances. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template_instance_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of Templateinstances - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the desired state of this TemplateInstance. - type: complex - status: - description: - - status describes the current state of this TemplateInstance. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template_instance_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template_list.py b/library/openshift_v1_template_list.py deleted file mode 100644 index 117b383f..00000000 --- a/library/openshift_v1_template_list.py +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template_list -short_description: OpenShift TemplateList -description: -- Retrieve a list of templates. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of templates - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - labels: - description: - - labels is a optional set of labels that are applied to every object during - the Template to Config transformation. - type: complex - contains: str, str - message: - description: - - message is an optional instructional message that will be displayed when - this template is instantiated. This field should inform the user how to - utilize the newly created resources. Parameter substitution will be performed - on the message before being displayed so that generated credentials and - other parameters can be included in the output. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, - the resolved value after parameter substitution will be respected and - the object will be created in that namespace. - type: list - contains: - raw: - description: - - Raw is the underlying serialization of this object. - type: str - parameters: - description: - - parameters is an optional array of Parameters used during the Template - to Config transformation. - type: list - contains: - from: - description: - - From is an input value for the generator. Optional. - type: str - description: - description: - - Description of a parameter. Optional. - type: str - display_name: - description: - - "Optional: The name that will show in UI instead of parameter 'Name'" - type: str - generate: - description: - - 'generate specifies the generator to be used to generate random string - from an input value specified by From field. The result string is - stored into Value field. If empty, no generator is being used, leaving - the result Value untouched. Optional. The only supported generator - is "expression", which accepts a "from" value in the form of a simple - regular expression containing the range expression "[a-zA-Z0-9]", - and the length expression "a{length}". Examples: from | value ----------------------------- - "test[0-9]{1}x" | "test7x" "[0-1]{8}" | "01001100" "0x[A-F0-9]{4}" - | "0xB3AF" "[a-zA-Z0-9]{8}" | "hW4yQU5i"' - type: str - name: - description: - - Name must be set and it can be referenced in Template Items using - ${PARAMETER_NAME}. Required. - type: str - required: - description: - - 'Optional: Indicates the parameter must have a value. Defaults to - false.' - type: bool - value: - description: - - Value holds the Parameter data. If specified, the generator will be - ignored. The value replaces all occurrences of the Parameter ${Name} - expression during the Template to Config transformation. Optional. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_user.py b/library/openshift_v1_user.py deleted file mode 100644 index b95eac40..00000000 --- a/library/openshift_v1_user.py +++ /dev/null @@ -1,187 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_user -short_description: OpenShift User -description: -- Manage the lifecycle of a user object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - full_name: - description: - - FullName is the full name of user - groups: - description: - - Groups specifies group names this user is a member of. This field is deprecated - and will be removed in a future release. Instead, create a Group object containing - the name of this User. - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - identities: - description: - - Identities are the identities associated with this user - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -user: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - full_name: - description: - - FullName is the full name of user - type: str - groups: - description: - - Groups specifies group names this user is a member of. This field is deprecated - and will be removed in a future release. Instead, create a Group object containing - the name of this User. - type: list - contains: str - identities: - description: - - Identities are the identities associated with this user - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('user', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_user_identity_mapping.py b/library/openshift_v1_user_identity_mapping.py deleted file mode 100644 index 5760b8cf..00000000 --- a/library/openshift_v1_user_identity_mapping.py +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_user_identity_mapping -short_description: OpenShift UserIdentityMapping -description: -- Manage the lifecycle of a user_identity_mapping object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - identity_api_version: - description: - - API version of the referent. - aliases: - - api_version - identity_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - identity_kind: - description: - - Kind of the referent. - aliases: - - kind - identity_name: - description: - - Name of the referent. - identity_namespace: - description: - - Namespace of the referent. - identity_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - identity_uid: - description: - - UID of the referent. - aliases: - - uid - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_api_version: - description: - - API version of the referent. - user_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - user_kind: - description: - - Kind of the referent. - user_name: - description: - - Name of the referent. - user_namespace: - description: - - Namespace of the referent. - user_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - user_uid: - description: - - UID of the referent. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -user_identity_mapping: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - identity: - description: - - Identity is a reference to an identity - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - user: - description: - - User is a reference to a user - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('user_identity_mapping', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_user_list.py b/library/openshift_v1_user_list.py deleted file mode 100644 index 8750b710..00000000 --- a/library/openshift_v1_user_list.py +++ /dev/null @@ -1,173 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_user_list -short_description: OpenShift UserList -description: -- Retrieve a list of users. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -user_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of users - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - full_name: - description: - - FullName is the full name of user - type: str - groups: - description: - - Groups specifies group names this user is a member of. This field is deprecated - and will be removed in a future release. Instead, create a Group object - containing the name of this User. - type: list - contains: str - identities: - description: - - Identities are the identities associated with this user - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('user_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_event.py b/library/openshift_v1beta1_event.py deleted file mode 100644 index b5c1d409..00000000 --- a/library/openshift_v1beta1_event.py +++ /dev/null @@ -1,341 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_event -short_description: OpenShift Event -description: -- Manage the lifecycle of a event object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - action: - description: - - What action was taken/failed regarding to the regarding object. - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - deprecated_count: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: int - deprecated_first_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - deprecated_last_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - deprecated_source_component: - description: - - Component from which the event is generated. - aliases: - - component - deprecated_source_host: - description: - - Node name on which the event is generated. - event_time: - description: - - Required. Time when this Event was first observed. - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - note: - description: - - Optional. A human-readable description of the status of this operation. Maximal - length of the note is 1kB, but libraries should be prepared to handle values - up to 64kB. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - reason: - description: - - Why the action was taken. - regarding_api_version: - description: - - API version of the referent. - aliases: - - api_version - regarding_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - regarding_kind: - description: - - Kind of the referent. - aliases: - - kind - regarding_name: - description: - - Name of the referent. - regarding_namespace: - description: - - Namespace of the referent. - regarding_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - regarding_uid: - description: - - UID of the referent. - aliases: - - uid - related_api_version: - description: - - API version of the referent. - related_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - related_kind: - description: - - Kind of the referent. - related_name: - description: - - Name of the referent. - related_namespace: - description: - - Namespace of the referent. - related_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - related_uid: - description: - - UID of the referent. - reporting_controller: - description: - - Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - reporting_instance: - description: - - ID of the controller instance, e.g. `kubelet-xyzf`. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - series_count: - description: - - Number of occurrences in this series up to the last heartbeat time - aliases: - - count - type: int - series_last_observed_time: - description: - - Time when last Event from the series was seen before last heartbeat. - aliases: - - last_observed_time - series_state: - description: - - Information whether this series is ongoing or finished. - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event: - type: complex - returned: when I(state) = C(present) - contains: - action: - description: - - What action was taken/failed regarding to the regarding object. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - deprecated_count: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: int - deprecated_first_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_last_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_source: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - event_time: - description: - - Required. Time when this Event was first observed. - type: complex - contains: {} - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - note: - description: - - Optional. A human-readable description of the status of this operation. Maximal - length of the note is 1kB, but libraries should be prepared to handle values - up to 64kB. - type: str - reason: - description: - - Why the action was taken. - type: str - regarding: - description: - - The object this Event is about. In most cases it's an Object reporting controller - implements. E.g. ReplicaSetController implements ReplicaSets and this event - is emitted because it acts on some changes in a ReplicaSet object. - type: complex - related: - description: - - Optional secondary object for more complex actions. E.g. when regarding object - triggers a creation or deletion of related object. - type: complex - reporting_controller: - description: - - Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - type: str - reporting_instance: - description: - - ID of the controller instance, e.g. `kubelet-xyzf`. - type: str - series: - description: - - Data about the Event series this event represents or nil if it's a singleton - Event. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('event', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_event_list.py b/library/openshift_v1beta1_event_list.py deleted file mode 100644 index fb56a6e1..00000000 --- a/library/openshift_v1beta1_event_list.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_event_list -short_description: OpenShift EventList -description: -- Retrieve a list of events. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - action: - description: - - What action was taken/failed regarding to the regarding object. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - deprecated_count: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: int - deprecated_first_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_last_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_source: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - event_time: - description: - - Required. Time when this Event was first observed. - type: complex - contains: {} - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - note: - description: - - Optional. A human-readable description of the status of this operation. - Maximal length of the note is 1kB, but libraries should be prepared to - handle values up to 64kB. - type: str - reason: - description: - - Why the action was taken. - type: str - regarding: - description: - - The object this Event is about. In most cases it's an Object reporting - controller implements. E.g. ReplicaSetController implements ReplicaSets - and this event is emitted because it acts on some changes in a ReplicaSet - object. - type: complex - related: - description: - - Optional secondary object for more complex actions. E.g. when regarding - object triggers a creation or deletion of related object. - type: complex - reporting_controller: - description: - - Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - type: str - reporting_instance: - description: - - ID of the controller instance, e.g. `kubelet-xyzf`. - type: str - series: - description: - - Data about the Event series this event represents or nil if it's a singleton - Event. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the - future. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('event_list', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_mutating_webhook_configuration.py b/library/openshift_v1beta1_mutating_webhook_configuration.py deleted file mode 100644 index cf130183..00000000 --- a/library/openshift_v1beta1_mutating_webhook_configuration.py +++ /dev/null @@ -1,238 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_mutating_webhook_configuration -short_description: OpenShift MutatingWebhookConfiguration -description: -- Manage the lifecycle of a mutating_webhook_configuration object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -mutating_webhook_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, e.g., - imagepolicy.kubernetes.io, where "imagepolicy" is the name of the webhook, - and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object based - on whether the namespace for that object matches the selector. If the - object itself is a namespace, the matching is performed on object.metadata.labels. - If the object is other cluster scoped resource, it is not subjected to - the webhook. For example, to run the webhook on any objects whose namespace - is not associated with "runlevel" of "0" or "1"; you will set the selector - as follows: "namespaceSelector": { "matchExpressions": [ { "key": "runlevel", - "operator": "NotIn", "values": [ "0", "1" ] } ] } If instead you want - to only run the webhook on any objects whose namespace is associated with - the "environment" of "prod" or "staging"; you will set the selector as - follows: "namespaceSelector": { "matchExpressions": [ { "key": "environment", - "operator": "In", "values": [ "prod", "staging" ] } ] } See for more examples - of label selectors. Default to the empty LabelSelector, which matches - everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the webhook - cares about. The webhook cares about an operation if it matches _any_ - Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - CREATE, - UPDATE, or * for all operations. If '*' is present, the length of - the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('mutating_webhook_configuration', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_mutating_webhook_configuration_list.py b/library/openshift_v1beta1_mutating_webhook_configuration_list.py deleted file mode 100644 index 6b3279bc..00000000 --- a/library/openshift_v1beta1_mutating_webhook_configuration_list.py +++ /dev/null @@ -1,234 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_mutating_webhook_configuration_list -short_description: OpenShift MutatingWebhookConfigurationList -description: -- Retrieve a list of mutating_webhook_configurations. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -mutating_webhook_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of MutatingWebhookConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of - the webhook, and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object - based on whether the namespace for that object matches the selector. - If the object itself is a namespace, the matching is performed on - object.metadata.labels. If the object is other cluster scoped resource, - it is not subjected to the webhook. For example, to run the webhook - on any objects whose namespace is not associated with "runlevel" of - "0" or "1"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "runlevel", "operator": "NotIn", - "values": [ "0", "1" ] } ] } If instead you want to only run the webhook - on any objects whose namespace is associated with the "environment" - of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "environment", "operator": "In", - "values": [ "prod", "staging" ] } ] } See for more examples of label - selectors. Default to the empty LabelSelector, which matches everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the - webhook cares about. The webhook cares about an operation if it matches - _any_ Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - - CREATE, UPDATE, or * for all operations. If '*' is present, the - length of the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('mutating_webhook_configuration_list', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_validating_webhook_configuration.py b/library/openshift_v1beta1_validating_webhook_configuration.py deleted file mode 100644 index 7bd1fdfc..00000000 --- a/library/openshift_v1beta1_validating_webhook_configuration.py +++ /dev/null @@ -1,238 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_validating_webhook_configuration -short_description: OpenShift ValidatingWebhookConfiguration -description: -- Manage the lifecycle of a validating_webhook_configuration object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -validating_webhook_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, e.g., - imagepolicy.kubernetes.io, where "imagepolicy" is the name of the webhook, - and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object based - on whether the namespace for that object matches the selector. If the - object itself is a namespace, the matching is performed on object.metadata.labels. - If the object is other cluster scoped resource, it is not subjected to - the webhook. For example, to run the webhook on any objects whose namespace - is not associated with "runlevel" of "0" or "1"; you will set the selector - as follows: "namespaceSelector": { "matchExpressions": [ { "key": "runlevel", - "operator": "NotIn", "values": [ "0", "1" ] } ] } If instead you want - to only run the webhook on any objects whose namespace is associated with - the "environment" of "prod" or "staging"; you will set the selector as - follows: "namespaceSelector": { "matchExpressions": [ { "key": "environment", - "operator": "In", "values": [ "prod", "staging" ] } ] } See for more examples - of label selectors. Default to the empty LabelSelector, which matches - everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the webhook - cares about. The webhook cares about an operation if it matches _any_ - Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - CREATE, - UPDATE, or * for all operations. If '*' is present, the length of - the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('validating_webhook_configuration', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_validating_webhook_configuration_list.py b/library/openshift_v1beta1_validating_webhook_configuration_list.py deleted file mode 100644 index 583599ae..00000000 --- a/library/openshift_v1beta1_validating_webhook_configuration_list.py +++ /dev/null @@ -1,234 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_validating_webhook_configuration_list -short_description: OpenShift ValidatingWebhookConfigurationList -description: -- Retrieve a list of validating_webhook_configurations. List operations provide a - snapshot read of the underlying objects, returning a resource_version representing - a consistent version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -validating_webhook_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ValidatingWebhookConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of - the webhook, and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object - based on whether the namespace for that object matches the selector. - If the object itself is a namespace, the matching is performed on - object.metadata.labels. If the object is other cluster scoped resource, - it is not subjected to the webhook. For example, to run the webhook - on any objects whose namespace is not associated with "runlevel" of - "0" or "1"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "runlevel", "operator": "NotIn", - "values": [ "0", "1" ] } ] } If instead you want to only run the webhook - on any objects whose namespace is associated with the "environment" - of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "environment", "operator": "In", - "values": [ "prod", "staging" ] } ] } See for more examples of label - selectors. Default to the empty LabelSelector, which matches everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the - webhook cares about. The webhook cares about an operation if it matches - _any_ Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - - CREATE, UPDATE, or * for all operations. If '*' is present, the - length of the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('validating_webhook_configuration_list', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/meta/main.yml b/meta/main.yml deleted file mode 100644 index 8f509dd8..00000000 --- a/meta/main.yml +++ /dev/null @@ -1,52 +0,0 @@ -galaxy_info: - author: Ansible - description: Pre-release Kubernetes modules - company: Ansible by Red Hat - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - issue_tracker_url: https://github.com/openshift/openshift-restclient-python/issues - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: Apache V2 - - min_ansible_version: 2.3 - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If travis integration is cofigured, only notification for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Below are all platforms currently available. Just uncomment - # the ones that apply to your role. If you don't see your - # platform on this list, let us know and we'll get it added! - # - platforms: - - name: Fedora - versions: - - all - - name: Ubuntu - versions: - - all - - name: EL - versions: - - all - - galaxy_tags: - - k8s - - kubernetes - - openshift - - modules - - api - -dependencies: [] diff --git a/module_utils/README.md b/module_utils/README.md deleted file mode 100644 index 9847c7f1..00000000 --- a/module_utils/README.md +++ /dev/null @@ -1,3 +0,0 @@ -The `k8_common.py` and `openshift_common.py` modules are not currently available in an official release of Ansible. They are part of Ansible, as you'll find them in the `devel` branch. At some point they will make it into an official release. Until then, they're included here for convenience. - -If you have uncovered a problem, or would like to make a change, please open an issue and submit pull requess at the [Ansible repo](https://github.com/ansible/ansible). diff --git a/module_utils/k8s_common.py b/module_utils/k8s_common.py deleted file mode 100644 index 06716e43..00000000 --- a/module_utils/k8s_common.py +++ /dev/null @@ -1,313 +0,0 @@ -# -# Copyright 2017 Red Hat | Ansible -# -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . - -import copy -import json -import os - -from ansible.module_utils.basic import AnsibleModule - -try: - from openshift.helper.ansible import KubernetesAnsibleModuleHelper, ARG_ATTRIBUTES_BLACKLIST - from openshift.helper.exceptions import KubernetesException - HAS_K8S_MODULE_HELPER = True -except ImportError as exc: - HAS_K8S_MODULE_HELPER = False - -try: - import yaml - HAS_YAML = True -except ImportError: - HAS_YAML = False - - -class KubernetesAnsibleException(Exception): - pass - - -class KubernetesAnsibleModule(AnsibleModule): - @staticmethod - def get_helper(api_version, kind): - return KubernetesAnsibleModuleHelper(api_version, kind) - - def __init__(self, kind, api_version): - self.api_version = api_version - self.kind = kind - self.argspec_cache = None - - if not HAS_K8S_MODULE_HELPER: - raise KubernetesAnsibleException( - "This module requires the OpenShift Python client. Try `pip install openshift`" - ) - - if not HAS_YAML: - raise KubernetesAnsibleException( - "This module requires PyYAML. Try `pip install PyYAML`" - ) - - try: - self.helper = self.get_helper(api_version, kind) - except Exception as exc: - raise KubernetesAnsibleException( - "Error initializing AnsibleModuleHelper: {}".format(exc) - ) - - mutually_exclusive = ( - ('resource_definition', 'src'), - ) - - AnsibleModule.__init__(self, - argument_spec=self.argspec, - supports_check_mode=True, - mutually_exclusive=mutually_exclusive) - - @property - def argspec(self): - """ - Build the module argument spec from the helper.argspec, removing any extra attributes not needed by - Ansible. - - :return: dict: a valid Ansible argument spec - """ - if not self.argspec_cache: - spec = { - 'dry_run': { - 'type': 'bool', - 'default': False, - 'description': [ - "If set to C(True) the module will exit without executing any action." - "Useful to only generate YAML file definitions for the resources in the tasks." - ] - } - } - - for arg_name, arg_properties in self.helper.argspec.items(): - spec[arg_name] = {} - for option, option_value in arg_properties.items(): - if option not in ARG_ATTRIBUTES_BLACKLIST: - if option == 'choices': - if isinstance(option_value, dict): - spec[arg_name]['choices'] = [value for key, value in option_value.items()] - else: - spec[arg_name]['choices'] = option_value - else: - spec[arg_name][option] = option_value - - self.argspec_cache = spec - return self.argspec_cache - - def execute_module(self): - """ - Performs basic CRUD operations on the model object. Ends by calling - AnsibleModule.fail_json(), if an error is encountered, otherwise - AnsibleModule.exit_json() with a dict containing: - changed: boolean - api_version: the API version - : a dict representing the object's state - :return: None - """ - - if self.params.get('debug'): - self.helper.enable_debug(reset_logfile=False) - self.helper.log_argspec() - - resource_definition = self.params.get('resource_definition') - if self.params.get('src'): - resource_definition = self.load_resource_definition(self.params['src']) - if resource_definition: - resource_params = self.resource_to_parameters(resource_definition) - self.params.update(resource_params) - - state = self.params.get('state', None) - force = self.params.get('force', False) - dry_run = self.params.pop('dry_run', False) - name = self.params.get('name') - namespace = self.params.get('namespace', None) - existing = None - - return_attributes = dict(changed=False, - api_version=self.api_version, - request=self.helper.request_body_from_params(self.params)) - return_attributes[self.helper.base_model_name_snake] = {} - - if dry_run: - self.exit_json(**return_attributes) - - try: - auth_options = {} - for key, value in self.helper.argspec.items(): - if value.get('auth_option') and self.params.get(key) is not None: - auth_options[key] = self.params[key] - self.helper.set_client_config(**auth_options) - except KubernetesException as e: - self.fail_json(msg='Error loading config', error=str(e)) - - if state is None: - # This is a list, rollback or ? module with no 'state' param - if self.helper.base_model_name_snake.endswith('list'): - # For list modules, execute a GET, and exit - k8s_obj = self._read(name, namespace) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - self.exit_json(**return_attributes) - elif self.helper.has_method('create'): - # For a rollback, execute a POST, and exit - k8s_obj = self._create(namespace) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - else: - self.fail_json(msg="Missing state parameter. Expected one of: present, absent") - - # CRUD modules - try: - existing = self.helper.get_object(name, namespace) - except KubernetesException as exc: - self.fail_json(msg='Failed to retrieve requested object: {}'.format(exc.message), - error=exc.value.get('status')) - - if state == 'absent': - if not existing: - # The object already does not exist - self.exit_json(**return_attributes) - else: - # Delete the object - if not self.check_mode: - try: - self.helper.delete_object(name, namespace) - except KubernetesException as exc: - self.fail_json(msg="Failed to delete object: {}".format(exc.message), - error=exc.value.get('status')) - return_attributes['changed'] = True - self.exit_json(**return_attributes) - else: - if not existing: - k8s_obj = self._create(namespace) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - - if existing and force: - k8s_obj = None - request_body = self.helper.request_body_from_params(self.params) - if not self.check_mode: - try: - k8s_obj = self.helper.replace_object(name, namespace, body=request_body) - except KubernetesException as exc: - self.fail_json(msg="Failed to replace object: {}".format(exc.message), - error=exc.value.get('status')) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - - # Check if existing object should be patched - k8s_obj = copy.deepcopy(existing) - try: - self.helper.object_from_params(self.params, obj=k8s_obj) - except KubernetesException as exc: - self.fail_json(msg="Failed to patch object: {}".format(exc.message)) - match, diff = self.helper.objects_match(existing, k8s_obj) - if match: - return_attributes[self.kind] = existing.to_dict() - self.exit_json(**return_attributes) - else: - self.helper.log('Existing:') - self.helper.log(existing.to_str()) - self.helper.log('\nDifferences:') - self.helper.log(json.dumps(diff, indent=4)) - # Differences exist between the existing obj and requested params - if not self.check_mode: - try: - k8s_obj = self.helper.patch_object(name, namespace, k8s_obj) - except KubernetesException as exc: - self.fail_json(msg="Failed to patch object: {}".format(exc.message)) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - - def _create(self, namespace): - request_body = None - k8s_obj = None - try: - request_body = self.helper.request_body_from_params(self.params) - except KubernetesException as exc: - self.fail_json(msg="Failed to create object: {}".format(exc.message)) - if not self.check_mode: - try: - k8s_obj = self.helper.create_object(namespace, body=request_body) - except KubernetesException as exc: - self.fail_json(msg="Failed to create object: {}".format(exc.message), - error=exc.value.get('status')) - return k8s_obj - - def _read(self, name, namespace): - k8s_obj = None - try: - k8s_obj = self.helper.get_object(name, namespace) - except KubernetesException as exc: - self.fail_json(msg='Failed to retrieve requested object', - error=exc.value.get('status')) - return k8s_obj - - def load_resource_definition(self, src): - """ Load the requested src path """ - result = None - path = os.path.normpath(src) - self.helper.log("Reading definition from {}".format(path)) - if not os.path.exists(path): - self.fail_json(msg="Error accessing {}. Does the file exist?".format(path)) - try: - result = yaml.safe_load(open(path, 'r')) - except (IOError, yaml.YAMLError) as exc: - self.fail_json(msg="Error loading resource_definition: {}".format(exc)) - return result - - def resource_to_parameters(self, resource): - """ Converts a resource definition to module parameters """ - parameters = {} - for key, value in resource.items(): - if key in ('apiVersion', 'kind', 'status'): - continue - elif key == 'metadata' and isinstance(value, dict): - for meta_key, meta_value in value.items(): - if meta_key in ('name', 'namespace', 'labels', 'annotations'): - parameters[meta_key] = meta_value - elif key in self.helper.argspec and value is not None: - parameters[key] = value - elif isinstance(value, dict): - self._add_parameter(value, [key], parameters) - self.helper.log("Request to parameters: {}".format(json.dumps(parameters))) - return parameters - - def _add_parameter(self, request, path, parameters): - for key, value in request.items(): - if path: - param_name = '_'.join(path + [self.helper.attribute_to_snake(key)]) - else: - param_name = self.helper.attribute_to_snake(key) - if param_name in self.helper.argspec and value is not None: - parameters[param_name] = value - elif isinstance(value, dict): - continue_path = copy.copy(path) if path else [] - continue_path.append(self.helper.attribute_to_snake(key)) - self._add_parameter(value, continue_path, parameters) - else: - self.fail_json( - msg=("Error parsing resource definition. Encountered {}, which does not map to a module " - "parameter. If this looks like a problem with the module, please open an issue at " - "github.com/openshift/openshift-restclient-python/issues").format(param_name) - ) diff --git a/module_utils/openshift_common.py b/module_utils/openshift_common.py deleted file mode 100644 index 7b20f2b5..00000000 --- a/module_utils/openshift_common.py +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright 2017 Red Hat | Ansible -# -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . - -from ansible.module_utils.k8s_common import KubernetesAnsibleException, KubernetesAnsibleModule - -try: - from openshift.helper.ansible import OpenShiftAnsibleModuleHelper, ARG_ATTRIBUTES_BLACKLIST - from openshift.helper.exceptions import KubernetesException, OpenShiftException - HAS_OPENSHIFT_HELPER = True -except ImportError as exc: - HAS_OPENSHIFT_HELPER = False - - -class OpenShiftAnsibleException(KubernetesAnsibleException): - pass - - -class OpenShiftAnsibleModule(KubernetesAnsibleModule): - def __init__(self, kind, api_version): - if not HAS_OPENSHIFT_HELPER: - raise OpenShiftAnsibleException( - "This module requires the OpenShift Python client. Try `pip install openshift`" - ) - - try: - super(OpenShiftAnsibleModule, self).__init__(kind, api_version) - except KubernetesAnsibleException as exc: - raise OpenShiftAnsibleException(exc.args) - - @staticmethod - def get_helper(api_version, kind): - return OpenShiftAnsibleModuleHelper(api_version, kind) - - def _create(self, namespace): - if self.kind.lower() == 'project': - return self._create_project() - else: - return super(OpenShiftAnsibleModule, self)._create(namespace) - - def _create_project(self): - new_obj = None - k8s_obj = None - try: - new_obj = self.helper.object_from_params(self.params) - except KubernetesException as exc: - self.fail_json(msg="Failed to create object: {}".format(exc.message)) - try: - k8s_obj = self.helper.create_project(metadata=new_obj.metadata, - display_name=self.params.get('display_name'), - description=self.params.get('description')) - except KubernetesException as exc: - self.fail_json(msg='Failed to retrieve requested object', - error=exc.value.get('status')) - return k8s_obj diff --git a/plugins/modules/__init__.py b/plugins/modules/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/modules/_kubernetes.py b/plugins/modules/_kubernetes.py new file mode 100644 index 00000000..f039d827 --- /dev/null +++ b/plugins/modules/_kubernetes.py @@ -0,0 +1,18 @@ +#!/usr/bin/python + +# Copyright: (c) 2015, Google Inc. All Rights Reserved. +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['removed'], + 'supported_by': 'community'} + + +from ansible.module_utils.common.removed import removed_module + + +if __name__ == '__main__': + removed_module(removed_in='2.9') diff --git a/plugins/modules/k8s.py b/plugins/modules/k8s.py new file mode 100644 index 00000000..e61b29b8 --- /dev/null +++ b/plugins/modules/k8s.py @@ -0,0 +1,279 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# (c) 2018, Chris Houseknecht <@chouseknecht> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s + +short_description: Manage Kubernetes (K8s) objects + +version_added: "2.6" + +author: + - "Chris Houseknecht (@chouseknecht)" + - "Fabian von Feilitzsch (@fabianvf)" + +description: + - Use the OpenShift Python client to perform CRUD operations on K8s objects. + - Pass the object definition from a source file or inline. See examples for reading + files and using Jinja templates or vault-encrypted files. + - Access to the full range of K8s APIs. + - Use the M(k8s_info) module to obtain a list of items about an object of type C(kind) + - Authenticate using either a config file, certificates, password or token. + - Supports check mode. + +extends_documentation_fragment: + - k8s_state_options + - k8s_name_options + - k8s_resource_options + - k8s_auth_options + +notes: + - If your OpenShift Python library is not 0.9.0 or newer and you are trying to + remove an item from an associative array/dictionary, for example a label or + an annotation, you will need to explicitly set the value of the item to be + removed to `null`. Simply deleting the entry in the dictionary will not + remove it from openshift or kubernetes. + +options: + merge_type: + description: + - Whether to override the default patch merge approach with a specific type. By default, the strategic + merge will typically be used. + - For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may + want to use C(merge) if you see "strategic merge patch format is not supported" + - See U(https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment) + - Requires openshift >= 0.6.2 + - If more than one merge_type is given, the merge_types will be tried in order + - If openshift >= 0.6.2, this defaults to C(['strategic-merge', 'merge']), which is ideal for using the same parameters + on resource kinds that combine Custom Resources and built-in resources. For openshift < 0.6.2, the default + is simply C(strategic-merge). + - mutually exclusive with C(apply) + choices: + - json + - merge + - strategic-merge + type: list + version_added: "2.7" + wait: + description: + - Whether to wait for certain resource kinds to end up in the desired state. By default the module exits once Kubernetes has + received the request + - Implemented for C(state=present) for C(Deployment), C(DaemonSet) and C(Pod), and for C(state=absent) for all resource kinds. + - For resource kinds without an implementation, C(wait) returns immediately unless C(wait_condition) is set. + default: no + type: bool + version_added: "2.8" + wait_sleep: + description: + - Number of seconds to sleep between checks. + default: 5 + version_added: "2.9" + wait_timeout: + description: + - How long in seconds to wait for the resource to end up in the desired state. Ignored if C(wait) is not set. + default: 120 + version_added: "2.8" + wait_condition: + description: + - Specifies a custom condition on the status to wait for. Ignored if C(wait) is not set or is set to False. + suboptions: + type: + description: + - The type of condition to wait for. For example, the C(Pod) resource will set the C(Ready) condition (among others) + - Required if you are specifying a C(wait_condition). If left empty, the C(wait_condition) field will be ignored. + - The possible types for a condition are specific to each resource type in Kubernetes. See the API documentation of the status field + for a given resource to see possible choices. + status: + description: + - The value of the status field in your desired condition. + - For example, if a C(Deployment) is paused, the C(Progressing) C(type) will have the C(Unknown) status. + choices: + - True + - False + - Unknown + reason: + description: + - The value of the reason field in your desired condition + - For example, if a C(Deployment) is paused, The C(Progressing) c(type) will have the C(DeploymentPaused) reason. + - The possible reasons in a condition are specific to each resource type in Kubernetes. See the API documentation of the status field + for a given resource to see possible choices. + version_added: "2.8" + validate: + description: + - how (if at all) to validate the resource definition against the kubernetes schema. + Requires the kubernetes-validate python module + suboptions: + fail_on_error: + description: whether to fail on validation errors. + required: yes + type: bool + version: + description: version of Kubernetes to validate against. defaults to Kubernetes server version + strict: + description: whether to fail when passing unexpected properties + default: no + type: bool + version_added: "2.8" + append_hash: + description: + - Whether to append a hash to a resource name for immutability purposes + - Applies only to ConfigMap and Secret resources + - The parameter will be silently ignored for other resource kinds + - The full definition of an object is needed to generate the hash - this means that deleting an object created with append_hash + will only work if the same object is passed with state=absent (alternatively, just use state=absent with the name including + the generated hash and append_hash=no) + type: bool + version_added: "2.8" + apply: + description: + - C(apply) compares the desired resource definition with the previously supplied resource definition, + ignoring properties that are automatically generated + - C(apply) works better with Services than 'force=yes' + - mutually exclusive with C(merge_type) + type: bool + version_added: "2.9" + +requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +- name: Create a k8s namespace + k8s: + name: testing + api_version: v1 + kind: Namespace + state: present + +- name: Create a Service object from an inline definition + k8s: + state: present + definition: + apiVersion: v1 + kind: Service + metadata: + name: web + namespace: testing + labels: + app: galaxy + service: web + spec: + selector: + app: galaxy + service: web + ports: + - protocol: TCP + targetPort: 8000 + name: port-8000-tcp + port: 8000 + +- name: Create a Service object by reading the definition from a file + k8s: + state: present + src: /testing/service.yml + +- name: Remove an existing Service object + k8s: + state: absent + api_version: v1 + kind: Service + namespace: testing + name: web + +# Passing the object definition from a file + +- name: Create a Deployment by reading the definition from a local file + k8s: + state: present + src: /testing/deployment.yml + +- name: >- + Read definition file from the Ansible controller file system. + If the definition file has been encrypted with Ansible Vault it will automatically be decrypted. + k8s: + state: present + definition: "{{ lookup('file', '/testing/deployment.yml') }}" + +- name: Read definition file from the Ansible controller file system after Jinja templating + k8s: + state: present + definition: "{{ lookup('template', '/testing/deployment.yml') }}" + +- name: fail on validation errors + k8s: + state: present + definition: "{{ lookup('template', '/testing/deployment.yml') }}" + validate: + fail_on_error: yes + +- name: warn on validation errors, check for unexpected properties + k8s: + state: present + definition: "{{ lookup('template', '/testing/deployment.yml') }}" + validate: + fail_on_error: no + strict: yes +''' + +RETURN = ''' +result: + description: + - The created, patched, or otherwise present object. Will be empty in the case of a deletion. + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex + items: + description: Returned only when multiple yaml documents are passed to src or resource_definition + returned: when resource_definition or src contains list of objects + type: list + duration: + description: elapsed time of task in seconds + returned: when C(wait) is true + type: int + sample: 48 +''' + +from ansible.module_utils.k8s.raw import KubernetesRawModule + + +def main(): + KubernetesRawModule().execute_module() + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_auth.py b/plugins/modules/k8s_auth.py new file mode 100644 index 00000000..8dfd2efc --- /dev/null +++ b/plugins/modules/k8s_auth.py @@ -0,0 +1,336 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2018, KubeVirt Team <@kubevirt> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s_auth + +short_description: Authenticate to Kubernetes clusters which require an explicit login step + +version_added: "2.8" + +author: KubeVirt Team (@kubevirt) + +description: + - "This module handles authenticating to Kubernetes clusters requiring I(explicit) authentication procedures, + meaning ones where a client logs in (obtains an authentication token), performs API operations using said + token and then logs out (revokes the token). An example of a Kubernetes distribution requiring this module + is OpenShift." + - "On the other hand a popular configuration for username+password authentication is one utilizing HTTP Basic + Auth, which does not involve any additional login/logout steps (instead login credentials can be attached + to each and every API call performed) and as such is handled directly by the C(k8s) module (and other + resource–specific modules) by utilizing the C(host), C(username) and C(password) parameters. Please + consult your preferred module's documentation for more details." + +options: + state: + description: + - If set to I(present) connect to the API server using the URL specified in C(host) and attempt to log in. + - If set to I(absent) attempt to log out by revoking the authentication token specified in C(api_key). + default: present + choices: + - present + - absent + host: + description: + - Provide a URL for accessing the API server. + required: true + username: + description: + - Provide a username for authenticating with the API server. + password: + description: + - Provide a password for authenticating with the API server. + ca_cert: + description: + - "Path to a CA certificate file used to verify connection to the API server. The full certificate chain + must be provided to avoid certificate validation errors." + aliases: [ ssl_ca_cert ] + validate_certs: + description: + - "Whether or not to verify the API server's SSL certificates." + type: bool + default: true + aliases: [ verify_ssl ] + api_key: + description: + - When C(state) is set to I(absent), this specifies the token to revoke. + +requirements: + - python >= 2.7 + - urllib3 + - requests + - requests-oauthlib +''' + +EXAMPLES = ''' +- hosts: localhost + module_defaults: + group/k8s: + host: https://k8s.example.com/ + ca_cert: ca.pem + tasks: + - block: + # It's good practice to store login credentials in a secure vault and not + # directly in playbooks. + - include_vars: k8s_passwords.yml + + - name: Log in (obtain access token) + k8s_auth: + username: admin + password: "{{ k8s_admin_password }}" + register: k8s_auth_results + + # Previous task provides the token/api_key, while all other parameters + # are taken from module_defaults + - name: Get a list of all pods from any namespace + k8s_info: + api_key: "{{ k8s_auth_results.k8s_auth.api_key }}" + kind: Pod + register: pod_list + + always: + - name: If login succeeded, try to log out (revoke access token) + when: k8s_auth_results.k8s_auth.api_key is defined + k8s_auth: + state: absent + api_key: "{{ k8s_auth_results.k8s_auth.api_key }}" +''' + +# Returned value names need to match k8s modules parameter names, to make it +# easy to pass returned values of k8s_auth to other k8s modules. +# Discussion: https://github.com/ansible/ansible/pull/50807#discussion_r248827899 +RETURN = ''' +k8s_auth: + description: Kubernetes authentication facts. + returned: success + type: complex + contains: + api_key: + description: Authentication token. + returned: success + type: str + host: + description: URL for accessing the API server. + returned: success + type: str + ca_cert: + description: Path to a CA certificate file used to verify connection to the API server. + returned: success + type: str + validate_certs: + description: "Whether or not to verify the API server's SSL certificates." + returned: success + type: bool + username: + description: Username for authenticating with the API server. + returned: success + type: str +''' + + +import traceback + +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.six.moves.urllib_parse import urlparse, parse_qs, urlencode + +# 3rd party imports +try: + import requests + HAS_REQUESTS = True +except ImportError: + HAS_REQUESTS = False + +try: + from requests_oauthlib import OAuth2Session + HAS_REQUESTS_OAUTH = True +except ImportError: + HAS_REQUESTS_OAUTH = False + +try: + from urllib3.util import make_headers + HAS_URLLIB3 = True +except ImportError: + HAS_URLLIB3 = False + + +K8S_AUTH_ARG_SPEC = { + 'state': { + 'default': 'present', + 'choices': ['present', 'absent'], + }, + 'host': {'required': True}, + 'username': {}, + 'password': {'no_log': True}, + 'ca_cert': {'type': 'path', 'aliases': ['ssl_ca_cert']}, + 'validate_certs': { + 'type': 'bool', + 'default': True, + 'aliases': ['verify_ssl'] + }, + 'api_key': {'no_log': True}, +} + + +class KubernetesAuthModule(AnsibleModule): + def __init__(self): + AnsibleModule.__init__( + self, + argument_spec=K8S_AUTH_ARG_SPEC, + required_if=[ + ('state', 'present', ['username', 'password']), + ('state', 'absent', ['api_key']), + ] + ) + + if not HAS_REQUESTS: + self.fail("This module requires the python 'requests' package. Try `pip install requests`.") + + if not HAS_REQUESTS_OAUTH: + self.fail("This module requires the python 'requests-oauthlib' package. Try `pip install requests-oauthlib`.") + + if not HAS_URLLIB3: + self.fail("This module requires the python 'urllib3' package. Try `pip install urllib3`.") + + def execute_module(self): + state = self.params.get('state') + verify_ssl = self.params.get('validate_certs') + ssl_ca_cert = self.params.get('ca_cert') + + self.auth_username = self.params.get('username') + self.auth_password = self.params.get('password') + self.auth_api_key = self.params.get('api_key') + self.con_host = self.params.get('host') + + # python-requests takes either a bool or a path to a ca file as the 'verify' param + if verify_ssl and ssl_ca_cert: + self.con_verify_ca = ssl_ca_cert # path + else: + self.con_verify_ca = verify_ssl # bool + + # Get needed info to access authorization APIs + self.openshift_discover() + + if state == 'present': + new_api_key = self.openshift_login() + result = dict( + host=self.con_host, + validate_certs=verify_ssl, + ca_cert=ssl_ca_cert, + api_key=new_api_key, + username=self.auth_username, + ) + else: + self.openshift_logout() + result = dict() + + self.exit_json(changed=False, k8s_auth=result) + + def openshift_discover(self): + url = '{0}/.well-known/oauth-authorization-server'.format(self.con_host) + ret = requests.get(url, verify=self.con_verify_ca) + + if ret.status_code != 200: + self.fail_request("Couldn't find OpenShift's OAuth API", method='GET', url=url, + reason=ret.reason, status_code=ret.status_code) + + try: + oauth_info = ret.json() + + self.openshift_auth_endpoint = oauth_info['authorization_endpoint'] + self.openshift_token_endpoint = oauth_info['token_endpoint'] + except Exception as e: + self.fail_json(msg="Something went wrong discovering OpenShift OAuth details.", + exception=traceback.format_exc()) + + def openshift_login(self): + os_oauth = OAuth2Session(client_id='openshift-challenging-client') + authorization_url, state = os_oauth.authorization_url(self.openshift_auth_endpoint, + state="1", code_challenge_method='S256') + auth_headers = make_headers(basic_auth='{0}:{1}'.format(self.auth_username, self.auth_password)) + + # Request authorization code using basic auth credentials + ret = os_oauth.get( + authorization_url, + headers={'X-Csrf-Token': state, 'authorization': auth_headers.get('authorization')}, + verify=self.con_verify_ca, + allow_redirects=False + ) + + if ret.status_code != 302: + self.fail_request("Authorization failed.", method='GET', url=authorization_url, + reason=ret.reason, status_code=ret.status_code) + + # In here we have `code` and `state`, I think `code` is the important one + qwargs = {} + for k, v in parse_qs(urlparse(ret.headers['Location']).query).items(): + qwargs[k] = v[0] + qwargs['grant_type'] = 'authorization_code' + + # Using authorization code given to us in the Location header of the previous request, request a token + ret = os_oauth.post( + self.openshift_token_endpoint, + headers={ + 'Accept': 'application/json', + 'Content-Type': 'application/x-www-form-urlencoded', + # This is just base64 encoded 'openshift-challenging-client:' + 'Authorization': 'Basic b3BlbnNoaWZ0LWNoYWxsZW5naW5nLWNsaWVudDo=' + }, + data=urlencode(qwargs), + verify=self.con_verify_ca + ) + + if ret.status_code != 200: + self.fail_request("Failed to obtain an authorization token.", method='POST', + url=self.openshift_token_endpoint, + reason=ret.reason, status_code=ret.status_code) + + return ret.json()['access_token'] + + def openshift_logout(self): + url = '{0}/apis/oauth.openshift.io/v1/oauthaccesstokens/{1}'.format(self.con_host, self.auth_api_key) + headers = { + 'Accept': 'application/json', + 'Content-Type': 'application/json', + 'Authorization': 'Bearer {0}'.format(self.auth_api_key) + } + json = { + "apiVersion": "oauth.openshift.io/v1", + "kind": "DeleteOptions" + } + + ret = requests.delete(url, headers=headers, json=json, verify=self.con_verify_ca) + # Ignore errors, the token will time out eventually anyway + + def fail(self, msg=None): + self.fail_json(msg=msg) + + def fail_request(self, msg, **kwargs): + req_info = {} + for k, v in kwargs.items(): + req_info['req_' + k] = v + self.fail_json(msg=msg, **req_info) + + +def main(): + module = KubernetesAuthModule() + try: + module.execute_module() + except Exception as e: + module.fail_json(msg=str(e), exception=traceback.format_exc()) + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_info.py b/plugins/modules/k8s_info.py new file mode 100644 index 00000000..99a8fd8c --- /dev/null +++ b/plugins/modules/k8s_info.py @@ -0,0 +1,179 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# (c) 2018, Will Thames <@willthames> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' +module: k8s_info + +short_description: Describe Kubernetes (K8s) objects + +version_added: "2.7" + +author: + - "Will Thames (@willthames)" + +description: + - Use the OpenShift Python client to perform read operations on K8s objects. + - Access to the full range of K8s APIs. + - Authenticate using either a config file, certificates, password or token. + - Supports check mode. + - This module was called C(k8s_facts) before Ansible 2.9. The usage did not change. + +options: + api_version: + description: + - Use to specify the API version. in conjunction with I(kind), I(name), and I(namespace) to identify a + specific object. + default: v1 + aliases: + - api + - version + kind: + description: + - Use to specify an object model. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a + specific object. + required: yes + name: + description: + - Use to specify an object name. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a + specific object. + namespace: + description: + - Use to specify an object namespace. Use in conjunction with I(api_version), I(kind), and I(name) + to identify a specific object. + label_selectors: + description: List of label selectors to use to filter results + field_selectors: + description: List of field selectors to use to filter results + +extends_documentation_fragment: + - k8s_auth_options + +requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +- name: Get an existing Service object + k8s_info: + api_version: v1 + kind: Service + name: web + namespace: testing + register: web_service + +- name: Get a list of all service objects + k8s_info: + api_version: v1 + kind: Service + namespace: testing + register: service_list + +- name: Get a list of all pods from any namespace + k8s_info: + kind: Pod + register: pod_list + +- name: Search for all Pods labelled app=web + k8s_info: + kind: Pod + label_selectors: + - app = web + - tier in (dev, test) + +- name: Search for all running pods + k8s_info: + kind: Pod + field_selectors: + - status.phase=Running +''' + +RETURN = ''' +resources: + description: + - The object(s) that exists + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: dict + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: dict + status: + description: Current status details for the object. + returned: success + type: dict +''' + + +from ansible.module_utils.k8s.common import KubernetesAnsibleModule, AUTH_ARG_SPEC +import copy + + +class KubernetesInfoModule(KubernetesAnsibleModule): + + def __init__(self, *args, **kwargs): + KubernetesAnsibleModule.__init__(self, *args, + supports_check_mode=True, + **kwargs) + if self._name == 'k8s_facts': + self.deprecate("The 'k8s_facts' module has been renamed to 'k8s_info'", version='2.13') + + def execute_module(self): + self.client = self.get_api_client() + + self.exit_json(changed=False, + **self.kubernetes_facts(self.params['kind'], + self.params['api_version'], + self.params['name'], + self.params['namespace'], + self.params['label_selectors'], + self.params['field_selectors'])) + + @property + def argspec(self): + args = copy.deepcopy(AUTH_ARG_SPEC) + args.update( + dict( + kind=dict(required=True), + api_version=dict(default='v1', aliases=['api', 'version']), + name=dict(), + namespace=dict(), + label_selectors=dict(type='list', default=[]), + field_selectors=dict(type='list', default=[]), + ) + ) + return args + + +def main(): + KubernetesInfoModule().execute_module() + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_scale.py b/plugins/modules/k8s_scale.py new file mode 100644 index 00000000..2afb0f95 --- /dev/null +++ b/plugins/modules/k8s_scale.py @@ -0,0 +1,129 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# (c) 2018, Chris Houseknecht <@chouseknecht> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + + +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s_scale + +short_description: Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job. + +version_added: "2.5" + +author: + - "Chris Houseknecht (@chouseknecht)" + - "Fabian von Feilitzsch (@fabianvf)" + +description: + - Similar to the kubectl scale command. Use to set the number of replicas for a Deployment, ReplicaSet, + or Replication Controller, or the parallelism attribute of a Job. Supports check mode. + +extends_documentation_fragment: + - k8s_name_options + - k8s_auth_options + - k8s_resource_options + - k8s_scale_options + +requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +- name: Scale deployment up, and extend timeout + k8s_scale: + api_version: v1 + kind: Deployment + name: elastic + namespace: myproject + replicas: 3 + wait_timeout: 60 + +- name: Scale deployment down when current replicas match + k8s_scale: + api_version: v1 + kind: Deployment + name: elastic + namespace: myproject + current_replicas: 3 + replicas: 2 + +- name: Increase job parallelism + k8s_scale: + api_version: batch/v1 + kind: job + name: pi-with-timeout + namespace: testing + replicas: 2 + +# Match object using local file or inline definition + +- name: Scale deployment based on a file from the local filesystem + k8s_scale: + src: /myproject/elastic_deployment.yml + replicas: 3 + wait: no + +- name: Scale deployment based on a template output + k8s_scale: + resource_definition: "{{ lookup('template', '/myproject/elastic_deployment.yml') | from_yaml }}" + replicas: 3 + wait: no + +- name: Scale deployment based on a file from the Ansible controller filesystem + k8s_scale: + resource_definition: "{{ lookup('file', '/myproject/elastic_deployment.yml') | from_yaml }}" + replicas: 3 + wait: no +''' + +RETURN = ''' +result: + description: + - If a change was made, will return the patched object, otherwise returns the existing object. + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex +''' + +from ansible.module_utils.k8s.scale import KubernetesAnsibleScaleModule + + +def main(): + KubernetesAnsibleScaleModule().execute_module() + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_service.py b/plugins/modules/k8s_service.py new file mode 100644 index 00000000..82a89828 --- /dev/null +++ b/plugins/modules/k8s_service.py @@ -0,0 +1,267 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2018, KubeVirt Team <@kubevirt> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s_service + +short_description: Manage Services on Kubernetes + +version_added: "2.8" + +author: KubeVirt Team (@kubevirt) + +description: + - Use Openshift Python SDK to manage Services on Kubernetes + +extends_documentation_fragment: + - k8s_auth_options + +options: + resource_definition: + description: + - A partial YAML definition of the Service object being created/updated. Here you can define Kubernetes + Service Resource parameters not covered by this module's parameters. + - "NOTE: I(resource_definition) has lower priority than module parameters. If you try to define e.g. + I(metadata.namespace) here, that value will be ignored and I(metadata) used instead." + aliases: + - definition + - inline + type: dict + state: + description: + - Determines if an object should be created, patched, or deleted. When set to C(present), an object will be + created, if it does not already exist. If set to C(absent), an existing object will be deleted. If set to + C(present), an existing object will be patched, if its attributes differ from those specified using + module options and I(resource_definition). + default: present + choices: + - present + - absent + force: + description: + - If set to C(True), and I(state) is C(present), an existing object will be replaced. + default: false + type: bool + merge_type: + description: + - Whether to override the default patch merge approach with a specific type. By default, the strategic + merge will typically be used. + - For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may + want to use C(merge) if you see "strategic merge patch format is not supported" + - See U(https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment) + - Requires openshift >= 0.6.2 + - If more than one merge_type is given, the merge_types will be tried in order + - If openshift >= 0.6.2, this defaults to C(['strategic-merge', 'merge']), which is ideal for using the same parameters + on resource kinds that combine Custom Resources and built-in resources. For openshift < 0.6.2, the default + is simply C(strategic-merge). + choices: + - json + - merge + - strategic-merge + type: list + name: + description: + - Use to specify a Service object name. + required: true + type: str + namespace: + description: + - Use to specify a Service object namespace. + required: true + type: str + type: + description: + - Specifies the type of Service to create. + - See U(https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) + choices: + - NodePort + - ClusterIP + - LoadBalancer + - ExternalName + ports: + description: + - A list of ports to expose. + - U(https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services) + type: list + selector: + description: + - Label selectors identify objects this Service should apply to. + - U(https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + type: dict + +requirements: + - python >= 2.7 + - openshift >= 0.6.2 +''' + +EXAMPLES = ''' +- name: Expose https port with ClusterIP + k8s_service: + state: present + name: test-https + namespace: default + ports: + - port: 443 + protocol: TCP + selector: + key: special + +- name: Expose https port with ClusterIP using spec + k8s_service: + state: present + name: test-https + namespace: default + inline: + spec: + ports: + - port: 443 + protocol: TCP + selector: + key: special +''' + +RETURN = ''' +result: + description: + - The created, patched, or otherwise present Service object. Will be empty in the case of a deletion. + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Always 'Service'. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex +''' + +import copy +import traceback + +from collections import defaultdict + +from ansible.module_utils.k8s.common import AUTH_ARG_SPEC, COMMON_ARG_SPEC +from ansible.module_utils.k8s.raw import KubernetesRawModule + + +SERVICE_ARG_SPEC = { + 'state': { + 'default': 'present', + 'choices': ['present', 'absent'], + }, + 'force': { + 'type': 'bool', + 'default': False, + }, + 'resource_definition': { + 'type': 'dict', + 'aliases': ['definition', 'inline'] + }, + 'name': {'required': True}, + 'namespace': {'required': True}, + 'merge_type': {'type': 'list', 'choices': ['json', 'merge', 'strategic-merge']}, + 'selector': {'type': 'dict'}, + 'type': { + 'type': 'str', + 'choices': [ + 'NodePort', 'ClusterIP', 'LoadBalancer', 'ExternalName' + ], + }, + 'ports': {'type': 'list'}, +} + + +class KubernetesService(KubernetesRawModule): + def __init__(self, *args, **kwargs): + super(KubernetesService, self).__init__(*args, k8s_kind='Service', **kwargs) + + @staticmethod + def merge_dicts(x, y): + for k in set(x.keys()).union(y.keys()): + if k in x and k in y: + if isinstance(x[k], dict) and isinstance(y[k], dict): + yield (k, dict(KubernetesService.merge_dicts(x[k], y[k]))) + else: + yield (k, y[k]) + elif k in x: + yield (k, x[k]) + else: + yield (k, y[k]) + + @property + def argspec(self): + """ argspec property builder """ + argument_spec = copy.deepcopy(AUTH_ARG_SPEC) + argument_spec.update(SERVICE_ARG_SPEC) + return argument_spec + + def execute_module(self): + """ Module execution """ + self.client = self.get_api_client() + + api_version = 'v1' + selector = self.params.get('selector') + service_type = self.params.get('type') + ports = self.params.get('ports') + + definition = defaultdict(defaultdict) + + definition['kind'] = 'Service' + definition['apiVersion'] = api_version + + def_spec = definition['spec'] + def_spec['type'] = service_type + def_spec['ports'] = ports + def_spec['selector'] = selector + + def_meta = definition['metadata'] + def_meta['name'] = self.params.get('name') + def_meta['namespace'] = self.params.get('namespace') + + # 'resource_definition:' has lower priority than module parameters + definition = dict(self.merge_dicts(self.resource_definitions[0], definition)) + + resource = self.find_resource('Service', api_version, fail=True) + definition = self.set_defaults(resource, definition) + result = self.perform_action(resource, definition) + + self.exit_json(**result) + + +def main(): + module = KubernetesService() + try: + module.execute_module() + except Exception as e: + module.fail_json(msg=str(e), exception=traceback.format_exc()) + + +if __name__ == '__main__': + main() diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index be9925fe..00000000 --- a/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -https://github.com/openshift/openshift-restclient-python/archive/master.tar.gz#egg=openshift diff --git a/tasks/main.yml b/tasks/main.yml deleted file mode 100644 index 55c73ccf..00000000 --- a/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -# tasks/main.yml ---- - -- name: Install latest openshift client - pip: - name: https://github.com/openshift/openshift-restclient-python/archive/master.tar.gz - state: latest - virtualenv: "{{ virtualenv }}" - when: install_python_requirements - diff --git a/test/integration/targets/k8s/k8s/README.md b/test/integration/targets/k8s/k8s/README.md new file mode 100644 index 00000000..7cb72b16 --- /dev/null +++ b/test/integration/targets/k8s/k8s/README.md @@ -0,0 +1,23 @@ +Wait tests +---------- + +wait tests require at least one node, and don't work on the normal k8s +openshift-origin container as provided by ansible-test --docker -v k8s + +minikube, Kubernetes from Docker or any other Kubernetes service will +suffice. + +If kubectl is already using the right config file and context, you can +just do + +``` +cd test/integration/targets/k8s +./runme.sh -vv +``` + +otherwise set one or both of `K8S_AUTH_KUBECONFIG` and `K8S_AUTH_CONTEXT` +and use the same command + + + + diff --git a/test/integration/targets/k8s/k8s/aliases b/test/integration/targets/k8s/k8s/aliases new file mode 100644 index 00000000..326e6910 --- /dev/null +++ b/test/integration/targets/k8s/k8s/aliases @@ -0,0 +1,2 @@ +cloud/openshift +shippable/cloud/group1 diff --git a/test/integration/targets/k8s/k8s/defaults/main.yml b/test/integration/targets/k8s/k8s/defaults/main.yml new file mode 100644 index 00000000..68fde7c4 --- /dev/null +++ b/test/integration/targets/k8s/k8s/defaults/main.yml @@ -0,0 +1,32 @@ +recreate_crd_default_merge_expectation: recreate_crd is not failed + +k8s_pod_metadata: + labels: + app: "{{ k8s_pod_name }}" + +k8s_pod_spec: + containers: + - image: "{{ k8s_pod_image }}" + imagePullPolicy: Always + name: "{{ k8s_pod_name }}" + command: "{{ k8s_pod_command }}" + readinessProbe: + initialDelaySeconds: 15 + exec: + command: + - /bin/true + resources: + limits: + cpu: "100m" + memory: "100Mi" + ports: "{{ k8s_pod_ports }}" + +k8s_pod_command: [] + +k8s_pod_ports: [] + +k8s_pod_template: + metadata: "{{ k8s_pod_metadata }}" + spec: "{{ k8s_pod_spec }}" + +k8s_openshift: yes diff --git a/test/integration/targets/k8s/k8s/files/crd-resource.yml b/test/integration/targets/k8s/k8s/files/crd-resource.yml new file mode 100644 index 00000000..9804d4d1 --- /dev/null +++ b/test/integration/targets/k8s/k8s/files/crd-resource.yml @@ -0,0 +1,20 @@ +apiVersion: certmanager.k8s.io/v1alpha1 +kind: Certificate +metadata: + name: acme-crt +spec: + secretName: acme-crt-secret + dnsNames: + - foo.example.com + - bar.example.com + acme: + config: + - ingressClass: nginx + domains: + - foo.example.com + - bar.example.com + issuerRef: + name: letsencrypt-prod + # We can reference ClusterIssuers by changing the kind here. + # The default value is Issuer (i.e. a locally namespaced Issuer) + kind: Issuer diff --git a/test/integration/targets/k8s/k8s/files/kuard-extra-property.yml b/test/integration/targets/k8s/k8s/files/kuard-extra-property.yml new file mode 100644 index 00000000..2d5b7994 --- /dev/null +++ b/test/integration/targets/k8s/k8s/files/kuard-extra-property.yml @@ -0,0 +1,21 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: kuard + name: kuard + namespace: default +spec: + replicas: 3 + selector: + matchLabels: + app: kuard + unwanted: value + template: + metadata: + labels: + app: kuard + spec: + containers: + - image: gcr.io/kuar-demo/kuard-amd64:1 + name: kuard diff --git a/test/integration/targets/k8s/k8s/files/kuard-invalid-type.yml b/test/integration/targets/k8s/k8s/files/kuard-invalid-type.yml new file mode 100644 index 00000000..7a5f73d9 --- /dev/null +++ b/test/integration/targets/k8s/k8s/files/kuard-invalid-type.yml @@ -0,0 +1,20 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: kuard + name: kuard + namespace: default +spec: + replicas: hello + selector: + matchLabels: + app: kuard + template: + metadata: + labels: + app: kuard + spec: + containers: + - image: gcr.io/kuar-demo/kuard-amd64:1 + name: kuard diff --git a/test/integration/targets/k8s/k8s/files/setup-crd.yml b/test/integration/targets/k8s/k8s/files/setup-crd.yml new file mode 100644 index 00000000..a8e2d51e --- /dev/null +++ b/test/integration/targets/k8s/k8s/files/setup-crd.yml @@ -0,0 +1,14 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: certificates.certmanager.k8s.io +spec: + group: certmanager.k8s.io + version: v1alpha1 + scope: Namespaced + names: + kind: Certificate + plural: certificates + shortNames: + - cert + - certs diff --git a/test/integration/targets/k8s/k8s/meta/main.yml b/test/integration/targets/k8s/k8s/meta/main.yml new file mode 100644 index 00000000..1810d4be --- /dev/null +++ b/test/integration/targets/k8s/k8s/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_remote_tmp_dir diff --git a/test/integration/targets/k8s/k8s/tasks/append_hash.yml b/test/integration/targets/k8s/k8s/tasks/append_hash.yml new file mode 100644 index 00000000..876e876a --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/append_hash.yml @@ -0,0 +1,68 @@ +- block: + - name: Ensure that append_hash namespace exists + k8s: + kind: Namespace + name: append-hash + + - name: create k8s_resource variable + set_fact: + k8s_resource: + metadata: + name: config-map-test + namespace: append-hash + apiVersion: v1 + kind: ConfigMap + data: + hello: world + + - name: Create config map + k8s: + definition: "{{ k8s_resource }}" + append_hash: yes + register: k8s_configmap1 + + - name: check configmap is created with a hash + assert: + that: + - k8s_configmap1 is changed + - k8s_configmap1.result.metadata.name != 'config-map-test' + - k8s_configmap1.result.metadata.name[:-10] == 'config-map-test-' + + - name: recreate same config map + k8s: + definition: "{{ k8s_resource }}" + append_hash: yes + register: k8s_configmap2 + + - name: check configmaps are different + assert: + that: + - k8s_configmap2 is not changed + - k8s_configmap1.result.metadata.name == k8s_configmap2.result.metadata.name + + - name: add key to config map + k8s: + definition: + metadata: + name: config-map-test + namespace: append-hash + apiVersion: v1 + kind: ConfigMap + data: + hello: world + another: value + append_hash: yes + register: k8s_configmap3 + + - name: check configmaps are different + assert: + that: + - k8s_configmap3 is changed + - k8s_configmap1.result.metadata.name != k8s_configmap3.result.metadata.name + + always: + - name: ensure that namespace is removed + k8s: + kind: Namespace + name: append-hash + state: absent diff --git a/test/integration/targets/k8s/k8s/tasks/apply.yml b/test/integration/targets/k8s/k8s/tasks/apply.yml new file mode 100644 index 00000000..abfda06a --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/apply.yml @@ -0,0 +1,191 @@ +- block: + - python_requirements_info: + dependencies: + - openshift + - kubernetes + + - set_fact: + apply_namespace: apply + + - name: ensure namespace exists + k8s: + definition: + apiVersion: v1 + kind: Namespace + metadata: + name: "{{ apply_namespace }}" + + - name: add a configmap + k8s: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + definition: + kind: ConfigMap + apiVersion: v1 + data: + one: "1" + two: "2" + three: "3" + apply: yes + register: k8s_configmap + + - name: check configmap was created + assert: + that: + - k8s_configmap is changed + - k8s_configmap.result.metadata.annotations|default(False) + + - name: add same configmap again + k8s: + definition: + kind: ConfigMap + apiVersion: v1 + metadata: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + data: + one: "1" + two: "2" + three: "3" + apply: yes + register: k8s_configmap_2 + + - name: check nothing changed + assert: + that: + - k8s_configmap_2 is not changed + + - name: add same configmap again with check mode on + k8s: + definition: + kind: ConfigMap + apiVersion: v1 + metadata: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + data: + one: "1" + two: "2" + three: "3" + apply: yes + check_mode: yes + register: k8s_configmap_check + + - name: check nothing changed + assert: + that: + - k8s_configmap_check is not changed + + - name: add same configmap again but using name and namespace args + k8s: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + definition: + kind: ConfigMap + apiVersion: v1 + data: + one: "1" + two: "2" + three: "3" + apply: yes + register: k8s_configmap_2a + + - name: check nothing changed + assert: + that: + - k8s_configmap_2a is not changed + + - name: update configmap + k8s: + definition: + kind: ConfigMap + apiVersion: v1 + metadata: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + data: + one: "1" + three: "3" + four: "4" + apply: yes + register: k8s_configmap_3 + + - name: ensure that configmap has been correctly updated + assert: + that: + - k8s_configmap_3 is changed + - "'four' in k8s_configmap_3.result.data" + - "'two' not in k8s_configmap_3.result.data" + + - name: add a service + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: apply-svc + namespace: "{{ apply_namespace }}" + spec: + selector: + app: whatever + ports: + - name: http + port: 8080 + targetPort: 8080 + apply: yes + register: k8s_service + + - name: add exactly same service + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: apply-svc + namespace: "{{ apply_namespace }}" + spec: + selector: + app: whatever + ports: + - name: http + port: 8080 + targetPort: 8080 + apply: yes + register: k8s_service_2 + + - name: check nothing changed + assert: + that: + - k8s_service_2 is not changed + + - name: change service ports + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: apply-svc + namespace: "{{ apply_namespace }}" + spec: + selector: + app: whatever + ports: + - name: http + port: 8081 + targetPort: 8081 + apply: yes + register: k8s_service_3 + + - name: check ports are correct + assert: + that: + - k8s_service_3 is changed + - k8s_service_3.result.spec.ports | length == 1 + - k8s_service_3.result.spec.ports[0].port == 8081 + + always: + - name: remove namespace + k8s: + kind: Namespace + name: "{{ apply_namespace }}" + state: absent diff --git a/test/integration/targets/k8s/k8s/tasks/crd.yml b/test/integration/targets/k8s/k8s/tasks/crd.yml new file mode 100644 index 00000000..c9e47632 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/crd.yml @@ -0,0 +1,71 @@ +# TODO: This is the only way I could get the kubeconfig, I don't know why. Running the lookup outside of debug seems to return an empty string +#- debug: msg={{ lookup('env', 'K8S_AUTH_KUBECONFIG') }} +# register: kubeconfig + +# Kubernetes resources + +- block: + - name: Create a namespace + k8s: + name: crd + kind: Namespace + + - name: install custom resource definitions + k8s: + definition: "{{ lookup('file', role_path + '/files/setup-crd.yml') }}" + + - name: pause 5 seconds to avoid race condition + pause: + seconds: 5 + + - name: create custom resource definition + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: crd + apply: "{{ create_crd_with_apply | default(omit) }}" + register: create_crd + + - name: patch custom resource definition + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: crd + register: recreate_crd + ignore_errors: yes + + - name: assert that recreating crd is as expected + assert: + that: + - recreate_crd_default_merge_expectation + + - block: + - name: recreate custom resource definition with merge_type + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + merge_type: merge + namespace: crd + register: recreate_crd_with_merge + + - name: recreate custom resource definition with merge_type list + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + merge_type: + - strategic-merge + - merge + namespace: crd + register: recreate_crd_with_merge_list + when: recreate_crd is successful + + + - name: remove crd + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: crd + state: absent + + always: + - name: remove crd namespace + k8s: + kind: Namespace + name: crd + state: absent + ignore_errors: yes diff --git a/test/integration/targets/k8s/k8s/tasks/delete.yml b/test/integration/targets/k8s/k8s/tasks/delete.yml new file mode 100644 index 00000000..fef6e5e9 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/delete.yml @@ -0,0 +1,101 @@ +- name: ensure that there are actually some nodes + k8s_info: + kind: Node + register: nodes + +- block: + - set_fact: + delete_namespace: delete + + - name: ensure namespace exists + k8s: + definition: + apiVersion: v1 + kind: Namespace + metadata: + name: "{{ delete_namespace }}" + + - name: add a daemonset + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: delete-daemonset + namespace: "{{ delete_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + wait_timeout: 180 + vars: + k8s_pod_name: delete-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:1 + register: ds + + - name: check that daemonset wait worked + assert: + that: + - ds.result.status.currentNumberScheduled == ds.result.status.desiredNumberScheduled + + - name: check if pods exist + k8s_info: + namespace: "{{ delete_namespace }}" + kind: Pod + label_selectors: + - "app={{ k8s_pod_name }}" + vars: + k8s_pod_name: delete-ds + register: pods_create + + - name: assert that there are pods + assert: + that: + - pods_create.resources + + - name: remove the daemonset + k8s: + kind: DaemonSet + name: delete-daemonset + namespace: "{{ delete_namespace }}" + state: absent + wait: yes + + - name: show status of pods + k8s_info: + namespace: "{{ delete_namespace }}" + kind: Pod + label_selectors: + - "app={{ k8s_pod_name }}" + vars: + k8s_pod_name: delete-ds + + - name: wait for background deletion + pause: + seconds: 30 + + - name: check if pods still exist + k8s_info: + namespace: "{{ delete_namespace }}" + kind: Pod + label_selectors: + - "app={{ k8s_pod_name }}" + vars: + k8s_pod_name: delete-ds + register: pods_delete + + - name: assert that deleting the daemonset deleted the pods + assert: + that: + - not pods_delete.resources + + always: + - name: remove namespace + k8s: + kind: Namespace + name: "{{ delete_namespace }}" + state: absent + + when: (nodes.resources | length) > 0 diff --git a/test/integration/targets/k8s/k8s/tasks/full_test.yml b/test/integration/targets/k8s/k8s/tasks/full_test.yml new file mode 100644 index 00000000..fdf3d700 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/full_test.yml @@ -0,0 +1,375 @@ +# TODO: This is the only way I could get the kubeconfig, I don't know why. Running the lookup outside of debug seems to return an empty string +#- debug: msg={{ lookup('env', 'K8S_AUTH_KUBECONFIG') }} +# register: kubeconfig + +# Kubernetes resources + +- include_tasks: delete.yml +- include_tasks: apply.yml +- include_tasks: waiter.yml + +- block: + - name: Create a namespace + k8s: + name: testing + kind: Namespace + register: output + + - name: show output + debug: + var: output + + - name: Setting validate_certs to true causes a failure + k8s: + name: testing + kind: Namespace + validate_certs: yes + ignore_errors: yes + register: output + + - name: assert that validate_certs caused a failure (and therefore was correctly translated to verify_ssl) + assert: + that: + - output is failed + + - name: k8s_info works with empty resources + k8s_info: + kind: Deployment + namespace: testing + api_version: extensions/v1beta1 + register: k8s_info + + - name: assert that k8s_info is in correct format + assert: + that: + - "'resources' in k8s_info" + - not k8s_info.resources + + - name: Create a service + k8s: + state: present + resource_definition: &svc + apiVersion: v1 + kind: Service + metadata: + name: web + namespace: testing + labels: + app: galaxy + service: web + spec: + selector: + app: galaxy + service: web + ports: + - protocol: TCP + targetPort: 8000 + name: port-8000-tcp + port: 8000 + register: output + + - name: show output + debug: + var: output + + - name: Create the service again + k8s: + state: present + resource_definition: *svc + register: output + + - name: Service creation should be idempotent + assert: + that: not output.changed + + - name: Create a ConfigMap + k8s: + kind: ConfigMap + name: test-force-update + namespace: testing + definition: + data: + key: value + + - name: Force update ConfigMap + k8s: + kind: ConfigMap + name: test-force-update + namespace: testing + definition: + data: + key: newvalue + force: yes + + - name: Create PVC + k8s: + state: present + inline: &pvc + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: elastic-volume + namespace: testing + spec: + resources: + requests: + storage: 5Gi + accessModes: + - ReadWriteOnce + + - name: Show output + debug: + var: output + + - name: Create the PVC again + k8s: + state: present + inline: *pvc + + - name: PVC creation should be idempotent + assert: + that: not output.changed + + - name: Create deployment + k8s: + state: present + inline: &deployment + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: elastic + labels: + app: galaxy + service: elastic + namespace: testing + spec: + template: + metadata: + labels: + app: galaxy + service: elastic + spec: + containers: + - name: elastic + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: elastic-volume + command: ['elasticsearch'] + image: 'ansible/galaxy-elasticsearch:2.4.6' + volumes: + - name: elastic-volume + persistentVolumeClaim: + claimName: elastic-volume + replicas: 1 + strategy: + type: RollingUpdate + register: output + + - name: Show output + debug: + var: output + + - name: Create deployment again + k8s: + state: present + inline: *deployment + register: output + + - name: Deployment creation should be idempotent + assert: + that: not output.changed + + - debug: + var: k8s_openshift + + - include: openshift.yml + when: k8s_openshift | bool + + ### Type tests + - name: Create a namespace from a string + k8s: + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing1 + + - name: Namespace should exist + k8s_info: + kind: Namespace + api_version: v1 + name: testing1 + register: k8s_info_testing1 + failed_when: not k8s_info_testing1.resources or k8s_info_testing1.resources[0].status.phase != "Active" + + - name: Create resources from a multidocument yaml string + k8s: + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing2 + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing3 + + - name: Lookup namespaces + k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing2 + - testing3 + register: k8s_namespaces + + - name: Resources should exist + assert: + that: item.resources[0].status.phase == 'Active' + loop: "{{ k8s_namespaces.results }}" + + - name: Delete resources from a multidocument yaml string + k8s: + state: absent + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing2 + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing3 + + - name: Lookup namespaces + k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing2 + - testing3 + register: k8s_namespaces + + - name: Resources should not exist + assert: + that: + - not item.resources or item.resources[0].status.phase == "Terminating" + loop: "{{ k8s_namespaces.results }}" + + - name: Create resources from a list + k8s: + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: testing4 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing5 + + - name: Lookup namespaces + k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing4 + - testing5 + register: k8s_namespaces + + - name: Resources should exist + assert: + that: item.resources[0].status.phase == 'Active' + loop: "{{ k8s_namespaces.results }}" + + - name: Delete resources from a list + k8s: + state: absent + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: testing4 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing5 + + - k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing4 + - testing5 + register: k8s_info + + - name: Resources are terminating if still in results + assert: + that: not item.resources or item.resources[0].status.phase == "Terminating" + loop: "{{ k8s_info.results }}" + + - name: Create resources from a yaml string ending with --- + k8s: + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing6 + --- + + - name: Namespace should exist + k8s_info: + kind: Namespace + api_version: v1 + name: testing6 + register: k8s_info_testing6 + failed_when: not k8s_info_testing6.resources or k8s_info_testing6.resources[0].status.phase != "Active" + + - include_tasks: crd.yml + - include_tasks: lists.yml + - include_tasks: append_hash.yml + + always: + - name: Delete all namespaces + k8s: + state: absent + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: testing + - kind: Namespace + apiVersion: v1 + metadata: + name: testing1 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing2 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing3 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing4 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing5 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing6 + ignore_errors: yes diff --git a/test/integration/targets/k8s/k8s/tasks/lists.yml b/test/integration/targets/k8s/k8s/tasks/lists.yml new file mode 100644 index 00000000..4d464df7 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/lists.yml @@ -0,0 +1,140 @@ +--- + +- name: Ensure testing1 namespace exists + k8s: + api_version: v1 + kind: Namespace + name: testing1 + +- block: + - name: Create configmaps + k8s: + namespace: testing1 + definition: + apiVersion: v1 + kind: ConfigMapList + items: '{{ configmaps }}' + + - name: Get ConfigMaps + k8s_info: + api_version: v1 + kind: ConfigMap + namespace: testing1 + label_selectors: + - app=test + register: cms + + - name: All three configmaps should exist + assert: + that: item.data.a is defined + with_items: '{{ cms.resources }}' + + - name: Delete configmaps + k8s: + state: absent + namespace: testing1 + definition: + apiVersion: v1 + kind: ConfigMapList + items: '{{ configmaps }}' + + - name: Get ConfigMaps + k8s_info: + api_version: v1 + kind: ConfigMap + namespace: testing1 + label_selectors: + - app=test + register: cms + + - name: All three configmaps should not exist + assert: + that: not cms.resources + vars: + configmaps: + - metadata: + name: list-example-1 + labels: + app: test + data: + a: first + - metadata: + name: list-example-2 + labels: + app: test + data: + a: second + - metadata: + name: list-example-3 + labels: + app: test + data: + a: third + +- block: + - name: Create list of arbitrary resources + k8s: + namespace: testing1 + definition: + apiVersion: v1 + kind: List + namespace: testing1 + items: '{{ resources }}' + + - name: Get the created resources + k8s_info: + api_version: '{{ item.apiVersion }}' + kind: '{{ item.kind }}' + namespace: testing1 + name: '{{ item.metadata.name }}' + register: list_resources + with_items: '{{ resources }}' + + - name: All resources should exist + assert: + that: ((list_resources.results | sum(attribute="resources", start=[])) | length) == (resources | length) + + - name: Delete list of arbitrary resources + k8s: + state: absent + namespace: testing1 + definition: + apiVersion: v1 + kind: List + namespace: testing1 + items: '{{ resources }}' + + - name: Get the resources + k8s_info: + api_version: '{{ item.apiVersion }}' + kind: '{{ item.kind }}' + namespace: testing1 + name: '{{ item.metadata.name }}' + register: list_resources + with_items: '{{ resources }}' + + - name: The resources should not exist + assert: + that: not ((list_resources.results | sum(attribute="resources", start=[])) | length) + vars: + resources: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: list-example-4 + data: + key: value + - apiVersion: v1 + kind: Service + metadata: + name: list-example-svc + labels: + app: test + spec: + selector: + app: test + ports: + - protocol: TCP + targetPort: 8000 + name: port-8000-tcp + port: 8000 diff --git a/test/integration/targets/k8s/k8s/tasks/main.yml b/test/integration/targets/k8s/k8s/tasks/main.yml new file mode 100644 index 00000000..bb11bbc6 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/main.yml @@ -0,0 +1,92 @@ +- set_fact: + virtualenv: "{{ remote_tmp_dir }}/virtualenv" + virtualenv_command: "{{ ansible_python_interpreter }} -m virtualenv" + +- set_fact: + virtualenv_interpreter: "{{ virtualenv }}/bin/python" + +- pip: + name: virtualenv + +# Test graceful failure for missing kubernetes-validate + +- pip: + name: + - openshift>=0.9.2 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: validate_not_installed.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes + +# Test validate with kubernetes-validate + +- pip: + name: + - kubernetes-validate==1.12.0 + - openshift>=0.9.2 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: validate_installed.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + playbook_namespace: ansible-test-k8s-validate + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes + +# Test graceful failure for older versions of openshift + +- pip: + name: + - openshift==0.6.0 + - kubernetes==6.0.0 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: older_openshift_fail.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + recreate_crd_default_merge_expectation: recreate_crd is failed + playbook_namespace: ansible-test-k8s-older-openshift + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes + +# Run full test suite + +- pip: + name: + - openshift>=0.9.2 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: full_test.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + create_crd_with_apply: no + playbook_namespace: ansible-test-k8s-full + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes diff --git a/test/integration/targets/k8s/k8s/tasks/older_openshift_fail.yml b/test/integration/targets/k8s/k8s/tasks/older_openshift_fail.yml new file mode 100644 index 00000000..2acf3d21 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/older_openshift_fail.yml @@ -0,0 +1,69 @@ + - python_requirements_info: + dependencies: + - openshift==0.6.0 + - kubernetes==6.0.0 + + # append_hash + - name: use append_hash with ConfigMap + k8s: + definition: + metadata: + name: config-map-test + namespace: "{{ playbook_namespace }}" + apiVersion: v1 + kind: ConfigMap + data: + hello: world + append_hash: yes + ignore_errors: yes + register: k8s_append_hash + + - name: assert that append_hash fails gracefully + assert: + that: + - k8s_append_hash is failed + - "'Failed to import the required Python library (openshift >= 0.7.2)' in k8s_append_hash.msg" + - "'. This is required for append_hash.' in k8s_append_hash.msg" + + # validate + - name: attempt to use validate with older openshift + k8s: + definition: + metadata: + name: config-map-test + namespace: "{{ playbook_namespace }}" + apiVersion: v1 + kind: ConfigMap + data: + hello: world + validate: + fail_on_error: yes + ignore_errors: yes + register: k8s_validate + + - name: assert that validate fails gracefully + assert: + that: + - k8s_validate is failed + - "k8s_validate.msg == 'openshift >= 0.8.0 is required for validate'" + + # apply + - name: attempt to use apply with older openshift + k8s: + definition: + metadata: + name: config-map-test + namespace: "{{ playbook_namespace }}" + apiVersion: v1 + kind: ConfigMap + data: + hello: world + apply: yes + ignore_errors: yes + register: k8s_apply + + - name: assert that apply fails gracefully + assert: + that: + - k8s_apply is failed + - "k8s_apply.msg.startswith('Failed to import the required Python library (openshift >= 0.9.2)')" diff --git a/test/integration/targets/k8s/k8s/tasks/openshift.yml b/test/integration/targets/k8s/k8s/tasks/openshift.yml new file mode 100644 index 00000000..f4a90061 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/openshift.yml @@ -0,0 +1,61 @@ +# OpenShift Resources +- name: Create a project + k8s: + name: testing + kind: Project + api_version: v1 + apply: no + register: output + +- name: show output + debug: + var: output + +- name: Create deployment config + k8s: + state: present + inline: &dc + apiVersion: v1 + kind: DeploymentConfig + metadata: + name: elastic + labels: + app: galaxy + service: elastic + namespace: testing + spec: + template: + metadata: + labels: + app: galaxy + service: elastic + spec: + containers: + - name: elastic + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: elastic-volume + command: ['elasticsearch'] + image: 'ansible/galaxy-elasticsearch:2.4.6' + volumes: + - name: elastic-volume + persistentVolumeClaim: + claimName: elastic-volume + replicas: 1 + strategy: + type: Rolling + register: output + +- name: Show output + debug: + var: output + +- name: Create deployment config again + k8s: + state: present + inline: *dc + register: output + +- name: DC creation should be idempotent + assert: + that: not output.changed diff --git a/test/integration/targets/k8s/k8s/tasks/validate_installed.yml b/test/integration/targets/k8s/k8s/tasks/validate_installed.yml new file mode 100644 index 00000000..224bd2eb --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/validate_installed.yml @@ -0,0 +1,125 @@ +- block: + - name: Create a namespace + k8s: + name: "{{ playbook_namespace }}" + kind: Namespace + + - copy: + src: files + dest: "{{ remote_tmp_dir }}" + + - name: incredibly simple ConfigMap + k8s: + definition: + apiVersion: v1 + kind: ConfigMap + metadata: + name: hello + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + register: k8s_with_validate + + - name: assert that k8s_with_validate succeeds + assert: + that: + - k8s_with_validate is successful + + - name: extra property does not fail without strict + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-extra-property.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: no + + - name: extra property fails with strict + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-extra-property.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: yes + ignore_errors: yes + register: extra_property + + - name: check that extra property fails with strict + assert: + that: + - extra_property is failed + + - name: invalid type fails at validation stage + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-invalid-type.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: no + ignore_errors: yes + register: invalid_type + + - name: check that invalid type fails + assert: + that: + - invalid_type is failed + + - name: invalid type fails with warnings when fail_on_error is False + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-invalid-type.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: no + strict: no + ignore_errors: yes + register: invalid_type_no_fail + + - name: check that invalid type fails + assert: + that: + - invalid_type_no_fail is failed + + - name: setup custom resource definition + k8s: + src: "{{ remote_tmp_dir }}/files/setup-crd.yml" + + - name: wait a few seconds + pause: + seconds: 5 + + - name: add custom resource definition + k8s: + src: "{{ remote_tmp_dir }}/files/crd-resource.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: yes + register: unknown_kind + + - name: check that unknown kind warns + assert: + that: + - unknown_kind is successful + - "'warnings' in unknown_kind" + + always: + - name: remove custom resource + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: "{{ playbook_namespace }}" + state: absent + ignore_errors: yes + + - name: remove custom resource definitions + k8s: + definition: "{{ lookup('file', role_path + '/files/setup-crd.yml') }}" + state: absent + + - name: Delete namespace + k8s: + state: absent + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: "{{ playbook_namespace }}" + ignore_errors: yes diff --git a/test/integration/targets/k8s/k8s/tasks/validate_not_installed.yml b/test/integration/targets/k8s/k8s/tasks/validate_not_installed.yml new file mode 100644 index 00000000..ecd17f7e --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/validate_not_installed.yml @@ -0,0 +1,23 @@ + - python_requirements_info: + dependencies: + - openshift + - kubernetes + - kubernetes-validate + + - k8s: + definition: + apiVersion: v1 + kind: ConfigMap + metadata: + name: hello + namespace: default + validate: + fail_on_error: yes + ignore_errors: yes + register: k8s_no_validate + + - name: assert that k8s_no_validate fails gracefully + assert: + that: + - k8s_no_validate is failed + - "k8s_no_validate.msg == 'kubernetes-validate python library is required to validate resources'" diff --git a/test/integration/targets/k8s/k8s/tasks/waiter.yml b/test/integration/targets/k8s/k8s/tasks/waiter.yml new file mode 100644 index 00000000..757d7899 --- /dev/null +++ b/test/integration/targets/k8s/k8s/tasks/waiter.yml @@ -0,0 +1,355 @@ +- name: ensure that there are actually some nodes + k8s_info: + kind: Node + register: nodes + +- block: + - set_fact: + wait_namespace: wait + + - name: ensure namespace exists + k8s: + definition: + apiVersion: v1 + kind: Namespace + metadata: + name: "{{ wait_namespace }}" + + - name: add a simple pod + k8s: + definition: + apiVersion: v1 + kind: Pod + metadata: + name: "{{ k8s_pod_name }}" + namespace: "{{ wait_namespace }}" + spec: "{{ k8s_pod_spec }}" + wait: yes + vars: + k8s_pod_name: wait-pod + k8s_pod_image: alpine:3.8 + k8s_pod_command: + - sleep + - "10000" + register: wait_pod + ignore_errors: yes + + - name: assert that pod creation succeeded + assert: + that: + - wait_pod is successful + + - name: add a daemonset + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: wait-daemonset + namespace: "{{ wait_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + wait_sleep: 3 + wait_timeout: 180 + vars: + k8s_pod_name: wait-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:1 + register: ds + + - name: check that daemonset wait worked + assert: + that: + - ds.result.status.currentNumberScheduled == ds.result.status.desiredNumberScheduled + + - name: update a daemonset in check_mode + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: wait-daemonset + namespace: "{{ wait_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + updateStrategy: + type: RollingUpdate + template: "{{ k8s_pod_template }}" + wait: yes + wait_sleep: 3 + wait_timeout: 180 + vars: + k8s_pod_name: wait-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:2 + register: update_ds_check_mode + + - name: check that check_mode returned changed + assert: + that: + - update_ds_check_mode is changed + + - name: update a daemonset + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: wait-daemonset + namespace: "{{ wait_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + updateStrategy: + type: RollingUpdate + template: "{{ k8s_pod_template }}" + wait: yes + wait_sleep: 3 + wait_timeout: 180 + vars: + k8s_pod_name: wait-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:3 + register: ds + + - name: get updated pods + k8s_info: + api_version: v1 + kind: Pod + namespace: "{{ wait_namespace }}" + label_selectors: + - app=wait-ds + register: updated_ds_pods + + - name: check that daemonset wait worked + assert: + that: + - ds.result.status.currentNumberScheduled == ds.result.status.desiredNumberScheduled + - updated_ds_pods.resources[0].spec.containers[0].image.endswith(":3") + + - name: add a crashing pod + k8s: + definition: + apiVersion: v1 + kind: Pod + metadata: + name: "{{ k8s_pod_name }}" + namespace: "{{ wait_namespace }}" + spec: "{{ k8s_pod_spec }}" + wait: yes + wait_sleep: 1 + wait_timeout: 30 + vars: + k8s_pod_name: wait-crash-pod + k8s_pod_image: alpine:3.8 + k8s_pod_command: + - /bin/false + register: crash_pod + ignore_errors: yes + + - name: check that task failed + assert: + that: + - crash_pod is failed + + - name: use a non-existent image + k8s: + definition: + apiVersion: v1 + kind: Pod + metadata: + name: "{{ k8s_pod_name }}" + namespace: "{{ wait_namespace }}" + spec: "{{ k8s_pod_spec }}" + wait: yes + wait_sleep: 1 + wait_timeout: 30 + vars: + k8s_pod_name: wait-no-image-pod + k8s_pod_image: i_made_this_up:and_this_too + register: no_image_pod + ignore_errors: yes + + - name: check that task failed + assert: + that: + - no_image_pod is failed + + - name: add a deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-deploy + namespace: "{{ wait_namespace }}" + spec: + replicas: 3 + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + vars: + k8s_pod_name: wait-deploy + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:1 + k8s_pod_ports: + - containerPort: 8080 + name: http + protocol: TCP + + register: deploy + + - name: check that deployment wait worked + assert: + that: + - deploy.result.status.availableReplicas == deploy.result.status.replicas + + - name: update a deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-deploy + namespace: "{{ wait_namespace }}" + spec: + replicas: 3 + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + vars: + k8s_pod_name: wait-deploy + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:2 + k8s_pod_ports: + - containerPort: 8080 + name: http + protocol: TCP + register: update_deploy + + - name: get updated pods + k8s_info: + api_version: v1 + kind: Pod + namespace: "{{ wait_namespace }}" + label_selectors: + - app=wait-deploy + register: updated_deploy_pods + + - name: check that deployment wait worked + assert: + that: + - deploy.result.status.availableReplicas == deploy.result.status.replicas + - updated_deploy_pods.resources[0].spec.containers[0].image.endswith(":2") + + - name: pause a deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-deploy + namespace: "{{ wait_namespace }}" + spec: + paused: True + apply: no + wait: yes + wait_condition: + type: Progressing + status: Unknown + reason: DeploymentPaused + register: pause_deploy + + - name: check that paused deployment wait worked + assert: + that: + - condition.reason == "DeploymentPaused" + - condition.status == "Unknown" + vars: + condition: '{{ pause_deploy.result.status.conditions | json_query("[?type==`Progressing`]") | first }}' + + - name: add a service based on the deployment + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: wait-svc + namespace: "{{ wait_namespace }}" + spec: + selector: + app: "{{ k8s_pod_name }}" + ports: + - port: 8080 + targetPort: 8080 + protocol: TCP + wait: yes + vars: + k8s_pod_name: wait-deploy + register: service + + - name: assert that waiting for service works + assert: + that: + - service is successful + + - name: add a crashing deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-crash-deploy + namespace: "{{ wait_namespace }}" + spec: + replicas: 3 + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + vars: + k8s_pod_name: wait-crash-deploy + k8s_pod_image: alpine:3.8 + k8s_pod_command: + - /bin/false + register: wait_crash_deploy + ignore_errors: yes + + - name: check that task failed + assert: + that: + - wait_crash_deploy is failed + + - name: remove Pod with very short timeout + k8s: + api_version: v1 + kind: Pod + name: wait-pod + namespace: "{{ wait_namespace }}" + state: absent + wait: yes + wait_sleep: 2 + wait_timeout: 5 + ignore_errors: yes + register: short_wait_remove_pod + + - name: check that task failed + assert: + that: + - short_wait_remove_pod is failed + + always: + - name: remove namespace + k8s: + kind: Namespace + name: "{{ wait_namespace }}" + state: absent + + when: (nodes.resources | length) > 0 diff --git a/tests/ansible.cfg b/tests/ansible.cfg deleted file mode 100644 index 914479ca..00000000 --- a/tests/ansible.cfg +++ /dev/null @@ -1,4 +0,0 @@ -[defaults] -command_warnings = False -system_warnings = False -deprecation_warnings = False diff --git a/tests/inventory b/tests/inventory deleted file mode 100644 index 2302edae..00000000 --- a/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost ansible_connection=local diff --git a/tests/roles/hello-templates/files/deployment.yml b/tests/roles/hello-templates/files/deployment.yml deleted file mode 100644 index 80ab1075..00000000 --- a/tests/roles/hello-templates/files/deployment.yml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: v1 -kind: DeploymentConfig -metadata: - name: hello-depoy - namespace: hello - labels: - app: hello -spec: - strategy: - type: Rolling - rollingParams: - updatePeriodSeconds: 1 - intervalSeconds: 1 - timeoutSeconds: 600 - maxUnavailable: 25% - maxSurge: 25% - resources: {} - triggers: - - type: ConfigChange - replicas: 1 - test: false - selector: - app: hello - template: - metadata: - name: hello-pod - labels: - app: hello - spec: - containers: - - name: hello - image: openshift/busybox-http-app - ports: - - name: web-8100-tcp - containerPort: 8080 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - imagePullPolicy: Always - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} diff --git a/tests/roles/hello-templates/tasks/main.yml b/tests/roles/hello-templates/tasks/main.yml deleted file mode 100644 index 0e8490e7..00000000 --- a/tests/roles/hello-templates/tasks/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -- name: Create project - openshift_v1_project: - name: test-resource-defn - display_name: Resource Defn - description: Load resources - debug: no - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_project - -- debug: var=create_project - -# Create service from unaltered YAML copied from console -- name: Create service from resource definition - k8s_v1_service: - state: present - debug: yes - resource_definition: - apiVersion: v1 - kind: Service - metadata: - name: hello-service - namespace: test-resource-defn - selfLink: /api/v1/namespaces/hello/services/hello-service - uid: fd228ddb-0f38-11e7-840c-a2a3304da08d - resourceVersion: '42303' - creationTimestamp: '2017-03-22T19:51:49Z' - labels: - app: hello - spec: - ports: - - name: web-tcp - protocol: TCP - port: 8080 - targetPort: 8080 - selector: - app: hello - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_service - -- debug: var=create_service - -- name: Create deployment from resource file - openshift_v1_deployment_config: - state: present - debug: yes - src: "{{ role_path }}/files/deployment.yml" - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: deployment_create - -- debug: var=deployment_create diff --git a/tests/roles/hello-world/tasks/main.yml b/tests/roles/hello-world/tasks/main.yml deleted file mode 100644 index 1409e033..00000000 --- a/tests/roles/hello-world/tasks/main.yml +++ /dev/null @@ -1,96 +0,0 @@ -- name: Delete project - openshift_v1_project: - name: hello - state: absent - debug: yes - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: delete_project - -- debug: var=delete_project - -- name: Create project - openshift_v1_project: - name: hello - state: present - display_name: Hello World - description: Hello. - debug: yes - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_project - -- debug: var=create_project - -- name: Create service - k8s_v1_service: - name: hello-service - namespace: hello - state: present - ports: - - port: 8080 - target_port: 8080 - name: web-tcp - selector: - app: hello - labels: - app: hello - debug: yes - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_service - -- debug: var=create_service - -- name: Create deployment config - openshift_v1_deployment_config: - name: hello-deploy - namespace: hello - state: present - debug: yes - labels: - app: hello - spec_template_metadata_name: hello-pod - spec_template_metadata_labels: - app: hello - containers: - - name: hello - image: openshift/busybox-http-app - ports: - - container_port: 8080 - protocol: TCP - name: web-8080-tcp - - container_port: 8100 - protocol: TCP - name: web-8100-tcp - replicas: 1 - selector: - app: hello - strategy_type: Rolling - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_deployment - -- debug: var=create_deployment - -- name: Create route - openshift_v1_route: - name: hello-route - namespace: hello - state: present - to_kind: Service - to_name: hello-service - to_weight: 100 - port_target_port: web-tcp - tls_termination: edge - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_route - -- debug: var=create_route - diff --git a/tests/test.yml b/tests/test.yml deleted file mode 100644 index 46fcaf8d..00000000 --- a/tests/test.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Load the modules - hosts: all - gather_facts: no - vars: - os_kubeconfig: konfig.json - os_host: localhost:8443 - os_verify_ssl: False - roles: - - role: ansible-kubernetes-modules - - role: hello-world - - role: hello-templates