diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml new file mode 100644 index 00000000..4e8d96ef --- /dev/null +++ b/.github/workflows/ansible-test.yml @@ -0,0 +1,49 @@ +name: CI +on: + - pull_request + +jobs: + + sanity: + runs-on: ubuntu-latest + strategy: + matrix: + python_version: ["3.6"] + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ansible_collections/community/kubernetes + + - name: Set up Python ${{ matrix.python_version }} + uses: actions/setup-python@v1 + with: + python-version: ${{ matrix.python_version }} + + - name: Install ansible-base + run: pip install git+https://github.com/ansible-collection-migration/ansible-base.git --disable-pip-version-check + + - name: Run sanity tests on Python ${{ matrix.python_version }} + run: ansible-test sanity --docker -v --color --python ${{ matrix.python_version }} + + integration: + runs-on: ubuntu-latest + strategy: + matrix: + python_version: ["3.6"] + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ansible_collections/community/kubernetes + + - name: Set up Python ${{ matrix.python_version }} + uses: actions/setup-python@v1 + with: + python-version: ${{ matrix.python_version }} + + - name: Install ansible-base + run: pip install git+https://github.com/ansible-collection-migration/ansible-base.git --disable-pip-version-check + + - name: Run integration tests on Python ${{ matrix.python_version }} + run: ansible-test integration --docker -v --color --retry-on-error --python ${{ matrix.python_version }} --continue-on-error --diff --coverage diff --git a/.gitignore b/.gitignore index bece7b25..2d197564 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ *.retry .idea *.log +tests/output +tests/integration/cloud-config-* diff --git a/.tito/packages/.readme b/.tito/packages/.readme deleted file mode 100644 index b9411e2d..00000000 --- a/.tito/packages/.readme +++ /dev/null @@ -1,3 +0,0 @@ -the .tito/packages directory contains metadata files -named after their packages. Each file has the latest tagged -version and the project's relative directory. diff --git a/.tito/packages/ansible-kubernetes-modules b/.tito/packages/ansible-kubernetes-modules deleted file mode 100644 index 1f6d26a5..00000000 --- a/.tito/packages/ansible-kubernetes-modules +++ /dev/null @@ -1 +0,0 @@ -0.4.0-8 ./ diff --git a/.tito/releasers.conf b/.tito/releasers.conf deleted file mode 100644 index 66358882..00000000 --- a/.tito/releasers.conf +++ /dev/null @@ -1,30 +0,0 @@ -[asb-copr] -releaser = tito.release.CoprReleaser -project_name = @ansible-service-broker/ansible-service-broker-latest -upload_command = scp -4 %(srpm)s $fas_username@fedorapeople.org:/srv/repos/asb -remote_location = http://repos.fedorapeople.org/asb/ -copr_options = --timeout 600 - -[asb-copr-test] -releaser = tito.release.CoprReleaser -project_name = @ansible-service-broker/ansible-service-broker-nightly -upload_command = scp -4 %(srpm)s $fas_username@fedorapeople.org:/srv/repos/asb -remote_location = http://repos.fedorapeople.org/asb/ -copr_options = --timeout 600 -builder.test = 1 - -[asb-brew-36] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.6-asb-rhel-7 - -[asb-brew-37] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.7-asb-rhel-7 - -[asb-brew-38] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.8-asb-rhel-7 - -[asb-brew-39] -releaser = tito.release.DistGitReleaser -branches = rhaos-3.9-asb-rhel-7 diff --git a/.tito/tito.props b/.tito/tito.props deleted file mode 100644 index 80fe6528..00000000 --- a/.tito/tito.props +++ /dev/null @@ -1,5 +0,0 @@ -[buildconfig] -builder = tito.builder.Builder -tagger = tito.tagger.ReleaseTagger -changelog_do_not_remove_cherrypick = 0 -changelog_format = %s (%ae) diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index f8ed9547..00000000 --- a/.travis.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install prereqs - - pip install https://github.com/ansible/ansible/archive/devel.tar.gz - - pip install openshift - - pip list | grep openshift - - # Start OpenShift - - docker run --publish 8443:8443 -d --name openshift openshift/origin:v3.7.1 start master --listen https://0.0.0.0:8443 - - sleep 15 - - # Fetch a copy of the kube config file - - docker exec -it openshift cat /var/lib/origin/openshift.local.config/master/admin.kubeconfig >tests/konfig.json - - - printf '[defaults]\nroles_path=../' >ansible.cfg - - echo "localhost ansible_connection=local ansible_python_interpreter=$(which python)">tests/inventory - -script: - - ansible-playbook -i tests/inventory -vvv tests/test.yml - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/LICENSE b/LICENSE index 8dada3ed..e72bfdda 100644 --- a/LICENSE +++ b/LICENSE @@ -1,201 +1,674 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. - 1. Definitions. + Preamble - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. + The GNU General Public License is a free, copyleft license for +software and other kinds of works. - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. + The precise terms and conditions for copying, distribution and +modification follow. - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. + TERMS AND CONDITIONS - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. + 0. Definitions. - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: + "This License" refers to version 3 of the GNU General Public License. - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. + A "covered work" means either the unmodified Program or a work based +on the Program. - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. + 1. Source Code. - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. - END OF TERMS AND CONDITIONS + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. - APPENDIX: How to apply the Apache License to your work. + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. - Copyright {yyyy} {name of copyright owner} + The Corresponding Source for a work in source code form is that +same work. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at + 2. Basic Permissions. - http://www.apache.org/licenses/LICENSE-2.0 + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. \ No newline at end of file diff --git a/README.md b/README.md index 2a808334..4279bf2b 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # Kubernetes Collection for Ansible -[![Build Status](https://travis-ci.org/ansible-collections/kubernetes.svg?branch=master)](https://travis-ci.org/ansible-collections/kubernetes) - This repo hosts the `community.kubernetes` Ansible Collection. As this is an independent Collection, it can be released on its own release cadence. @@ -16,4 +14,4 @@ For more information see `#ansible-community` on Freenode IRC, or the [Kubernete GNU General Public License v3.0 or later -See LICENCING to see the full text. +See LICENCE to see the full text. diff --git a/ansible-kubernetes-modules.spec b/ansible-kubernetes-modules.spec deleted file mode 100644 index 1234f0af..00000000 --- a/ansible-kubernetes-modules.spec +++ /dev/null @@ -1,71 +0,0 @@ -Name: ansible-kubernetes-modules -Version: 0.4.0 -Release: 8%{?dist} -Summary: Ansible role containing pre-release K8s modules -License: ASL 2.0 -URL: https://github.com/ansible/%{name} -Source0: https://github.com/ansible/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz - -BuildArch: noarch - -Requires: ansible >= 2.3.0.0 -Requires: python-openshift >= 0.4 - -%description -%{summary} - -%prep -%autosetup -p1 - -%build - -%install -mkdir -p %{buildroot}%{_sysconfdir}/ansible/roles/ansible.kubernetes-modules -mv * %{buildroot}%{_sysconfdir}/ansible/roles/ansible.kubernetes-modules - -%check - -%files -%{_sysconfdir}/ansible/roles/ansible.kubernetes-modules - -%changelog -* Fri Jan 19 2018 David Zager 0.4.0-8 -- when in checkmode _create returns None and cannot have to_dict() called (#27) - (trbs@users.noreply.github.com) -- Show openshift version (chousekn@redhat.com) -- Unpin openshift (chousekn@redhat.com) -- regen modules (fabian@fabianism.us) -- Pin openshift. Trying Origin 3.6.7. (chousekn@redhat.com) - -* Wed Jan 17 2018 David Zager 0.4.0-7 -- Bump package version for 4.x (david.j.zager@gmail.com) -- Update releasers (david.j.zager@gmail.com) -- update generated modules (#26) (fabian@fabianism.us) - -* Mon Oct 16 2017 Jason Montleon 0.3.1-6 -- Update to latest k8s_common (chousekn@redhat.com) - -* Fri Oct 13 2017 Jason Montleon 0.3.1-5 -- increment release - -* Fri Oct 13 2017 Jason Montleon 0.3.1-4 -- Bump version - -* Fri Oct 13 2017 Jason Montleon 0.3.1-3 -- add python-openshift rpm dependency (jmontleo@redhat.com) -- Travis file cleanup (#13) (chousekn@redhat.com) -- Removes -i inventory (chousekn@redhat.com) -- Removes ansible-galaxy install (chousekn@redhat.com) -- Regen modules. Add tests. (chousekn@redhat.com) -- Add Travis button (chousekn@redhat.com) -- Add simple module test (chousekn@redhat.com) -- Adds latest generated modules (chousekn@redhat.com) - -* Fri Oct 06 2017 Jason Montleon 0.3.1-2 -- new package built with tito - -* Fri Oct 06 2017 Jason Montleon -- new package built with tito - -* Fri May 12 2017 Jason Montleon - 0.0.1-1 -- initial package diff --git a/defaults/main.yml b/defaults/main.yml deleted file mode 100644 index b7836bc7..00000000 --- a/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -install_python_requirements: no -virtualenv: diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 00000000..31382a5c --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,20 @@ +authors: [] +dependencies: {} +description: Kubernetes Collection for Ansible. +documentation: '' +homepage: '' +issues: https://github.com/ansible-collections/kubernetes/issues +license_file: LICENSE +name: kubernetes +namespace: community +readme: README.md +repository: https://github.com/ansible-collections/kubernetes +tags: + - kubernetes + - k8s + - cloud + - infrastructure + - openshift + - okd + - cluster +version: 0.9.0 diff --git a/library/k8s_apps_v1beta1_deployment.py b/library/k8s_apps_v1beta1_deployment.py deleted file mode 100644 index 2482a9cc..00000000 --- a/library/k8s_apps_v1beta1_deployment.py +++ /dev/null @@ -1,580 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_apps_v1beta1_deployment -short_description: Kubernetes Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. Defaults to 2. - aliases: - - revision_history_limit - type: int - spec_rollback_to_revision: - description: - - The revision to rollback to. If set to 0, rollback to the last revision. - aliases: - - rollback_to_revision - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_rolling_update_max_surge: - description: - - 'The maximum number of pods that can be scheduled above the desired number of - pods. Value can be an absolute number (ex: 5) or a percentage of desired pods - (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. Defaults to 25%. Example: when this is set to - 30%, the new RC can be scaled up immediately when the rolling update starts, - such that the total number of old and new pods do not exceed 130% of desired - pods. Once old pods have been killed, new RC can be scaled up further, ensuring - that total number of pods running at any time during the update is atmost 130% - of desired pods.' - aliases: - - strategy_rolling_update_max_surge - type: object - spec_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of pods that can be unavailable during the update. Value - can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. This can not - be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the - old RC can be scaled down to 70% of desired pods immediately when the rolling - update starts. Once new pods are ready, old RC can be scaled down further, followed - by scaling up the new RC, ensuring that the total number of pods available at - all times during the update is at least 70% of desired pods.' - aliases: - - strategy_rolling_update_max_unavailable - type: object - spec_strategy_type: - description: - - Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment', 'apps_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_apps_v1beta1_deployment_list.py b/library/k8s_apps_v1beta1_deployment_list.py deleted file mode 100644 index 31eb457c..00000000 --- a/library/k8s_apps_v1beta1_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_apps_v1beta1_deployment_list -short_description: Kubernetes DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment_list', 'apps_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_apps_v1beta1_scale.py b/library/k8s_apps_v1beta1_scale.py deleted file mode 100644 index 68320514..00000000 --- a/library/k8s_apps_v1beta1_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_apps_v1beta1_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'apps_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_extensions_v1beta1_deployment.py b/library/k8s_extensions_v1beta1_deployment.py deleted file mode 100644 index 130d67a8..00000000 --- a/library/k8s_extensions_v1beta1_deployment.py +++ /dev/null @@ -1,582 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_extensions_v1beta1_deployment -short_description: Kubernetes Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused and will not be processed by the deployment - controller. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. This is not set by default. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. - aliases: - - revision_history_limit - type: int - spec_rollback_to_revision: - description: - - The revision to rollback to. If set to 0, rollback to the last revision. - aliases: - - rollback_to_revision - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_rolling_update_max_surge: - description: - - 'The maximum number of pods that can be scheduled above the desired number of - pods. Value can be an absolute number (ex: 5) or a percentage of desired pods - (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. By default, a value of 1 is used. Example: when - this is set to 30%, the new RC can be scaled up immediately when the rolling - update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, new RC can be scaled up - further, ensuring that total number of pods running at any time during the update - is atmost 130% of desired pods.' - aliases: - - strategy_rolling_update_max_surge - type: object - spec_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of pods that can be unavailable during the update. Value - can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. This can not - be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when - this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately - when the rolling update starts. Once new pods are ready, old RC can be scaled - down further, followed by scaling up the new RC, ensuring that the total number - of pods available at all times during the update is at least 70% of desired - pods.' - aliases: - - strategy_rolling_update_max_unavailable - type: object - spec_strategy_type: - description: - - Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment', 'extensions_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_extensions_v1beta1_deployment_list.py b/library/k8s_extensions_v1beta1_deployment_list.py deleted file mode 100644 index 99f56b89..00000000 --- a/library/k8s_extensions_v1beta1_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_extensions_v1beta1_deployment_list -short_description: Kubernetes DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment_list', 'extensions_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_extensions_v1beta1_scale.py b/library/k8s_extensions_v1beta1_scale.py deleted file mode 100644 index 910cfdd8..00000000 --- a/library/k8s_extensions_v1beta1_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_extensions_v1beta1_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'extensions_v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_binding.py b/library/k8s_v1_binding.py deleted file mode 100644 index dd7fea0b..00000000 --- a/library/k8s_v1_binding.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_binding -short_description: Kubernetes Binding -description: -- Manage the lifecycle of a binding object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - target_api_version: - description: - - API version of the referent. - aliases: - - api_version - target_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - target_kind: - description: - - Kind of the referent. - aliases: - - kind - target_name: - description: - - Name of the referent. - target_namespace: - description: - - Namespace of the referent. - target_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - target_uid: - description: - - UID of the referent. - aliases: - - uid - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -binding: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - target: - description: - - The target object that you want to bind to the standard object. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('binding', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role.py b/library/k8s_v1_cluster_role.py deleted file mode 100644 index 92cc733f..00000000 --- a/library/k8s_v1_cluster_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role -short_description: Kubernetes ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role_binding.py b/library/k8s_v1_cluster_role_binding.py deleted file mode 100644 index f260e0f4..00000000 --- a/library/k8s_v1_cluster_role_binding.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role_binding -short_description: Kubernetes ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef - cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role_binding_list.py b/library/k8s_v1_cluster_role_binding_list.py deleted file mode 100644 index 0e105a81..00000000 --- a/library/k8s_v1_cluster_role_binding_list.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role_binding_list -short_description: Kubernetes ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the - RoleRef cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_cluster_role_list.py b/library/k8s_v1_cluster_role_list.py deleted file mode 100644 index 7e59be6b..00000000 --- a/library/k8s_v1_cluster_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_cluster_role_list -short_description: Kubernetes ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_component_status.py b/library/k8s_v1_component_status.py deleted file mode 100644 index 0e90b161..00000000 --- a/library/k8s_v1_component_status.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_component_status -short_description: Kubernetes ComponentStatus -description: -- Manage the lifecycle of a component_status object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - conditions: - description: - - List of component conditions observed - type: list - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -component_status: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - conditions: - description: - - List of component conditions observed - type: list - contains: - error: - description: - - Condition error code for a component. For example, a health check error - code. - type: str - message: - description: - - Message about the condition for a component. For example, information - about a health check. - type: str - status: - description: - - 'Status of the condition for a component. Valid values for "Healthy": - "True", "False", or "Unknown".' - type: str - type: - description: - - 'Type of condition for a component. Valid value: "Healthy"' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('component_status', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_component_status_list.py b/library/k8s_v1_component_status_list.py deleted file mode 100644 index 4c0809bf..00000000 --- a/library/k8s_v1_component_status_list.py +++ /dev/null @@ -1,157 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_component_status_list -short_description: Kubernetes ComponentStatusList -description: -- Retrieve a list of component_status. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -component_status_list: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ComponentStatus objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - conditions: - description: - - List of component conditions observed - type: list - contains: - error: - description: - - Condition error code for a component. For example, a health check - error code. - type: str - message: - description: - - Message about the condition for a component. For example, information - about a health check. - type: str - status: - description: - - 'Status of the condition for a component. Valid values for "Healthy": - "True", "False", or "Unknown".' - type: str - type: - description: - - 'Type of condition for a component. Valid value: "Healthy"' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('component_status_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_config_map.py b/library/k8s_v1_config_map.py deleted file mode 100644 index e9a2d97b..00000000 --- a/library/k8s_v1_config_map.py +++ /dev/null @@ -1,169 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_config_map -short_description: Kubernetes ConfigMap -description: -- Manage the lifecycle of a config_map object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data: - description: - - Data contains the configuration data. Each key must consist of alphanumeric - characters, '-', '_' or '.'. - type: dict - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -config_map: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data contains the configuration data. Each key must consist of alphanumeric - characters, '-', '_' or '.'. - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('config_map', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_config_map_list.py b/library/k8s_v1_config_map_list.py deleted file mode 100644 index a0a8b18b..00000000 --- a/library/k8s_v1_config_map_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_config_map_list -short_description: Kubernetes ConfigMapList -description: -- Retrieve a list of config_maps. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -config_map_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ConfigMaps. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data contains the configuration data. Each key must consist of alphanumeric - characters, '-', '_' or '.'. - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('config_map_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_endpoints.py b/library/k8s_v1_endpoints.py deleted file mode 100644 index ce296dc4..00000000 --- a/library/k8s_v1_endpoints.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_endpoints -short_description: Kubernetes Endpoints -description: -- Manage the lifecycle of a endpoints object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subsets: - description: - - The set of all endpoints is the union of all subsets. Addresses are placed into - subsets according to the IPs they share. A single address with multiple ports, - some of which are ready and some of which are not (because they come from different - containers) will result in the address being displayed in different subsets - for the different ports. No address will appear in both Addresses and NotReadyAddresses - in the same subset. Sets of addresses and ports that comprise a service. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -endpoints: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subsets: - description: - - The set of all endpoints is the union of all subsets. Addresses are placed - into subsets according to the IPs they share. A single address with multiple - ports, some of which are ready and some of which are not (because they come - from different containers) will result in the address being displayed in different - subsets for the different ports. No address will appear in both Addresses - and NotReadyAddresses in the same subset. Sets of addresses and ports that - comprise a service. - type: list - contains: - addresses: - description: - - IP addresses which offer the related ports that are marked as ready. These - endpoints should be considered safe for load balancers and clients to - utilize. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is - also accepted but not fully supported on all platforms. Also, certain - kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - not_ready_addresses: - description: - - IP addresses which offer the related ports but are not currently marked - as ready because they have not yet finished starting, have recently failed - a readiness check, or have recently failed a liveness check. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is - also accepted but not fully supported on all platforms. Also, certain - kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - ports: - description: - - Port numbers available on the related IP addresses. - type: list - contains: - name: - description: - - The name of this port (corresponds to ServicePort.Name). Must be a - DNS_LABEL. Optional only if one port is defined. - type: str - port: - description: - - The port number of the endpoint. - type: int - protocol: - description: - - The IP protocol for this port. Must be UDP or TCP. Default is TCP. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('endpoints', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_endpoints_list.py b/library/k8s_v1_endpoints_list.py deleted file mode 100644 index 1a032c3a..00000000 --- a/library/k8s_v1_endpoints_list.py +++ /dev/null @@ -1,241 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_endpoints_list -short_description: Kubernetes EndpointsList -description: -- Retrieve a list of endpoints. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -endpoints_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of endpoints. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subsets: - description: - - The set of all endpoints is the union of all subsets. Addresses are placed - into subsets according to the IPs they share. A single address with multiple - ports, some of which are ready and some of which are not (because they - come from different containers) will result in the address being displayed - in different subsets for the different ports. No address will appear in - both Addresses and NotReadyAddresses in the same subset. Sets of addresses - and ports that comprise a service. - type: list - contains: - addresses: - description: - - IP addresses which offer the related ports that are marked as ready. - These endpoints should be considered safe for load balancers and clients - to utilize. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 - is also accepted but not fully supported on all platforms. Also, - certain kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - not_ready_addresses: - description: - - IP addresses which offer the related ports but are not currently marked - as ready because they have not yet finished starting, have recently - failed a readiness check, or have recently failed a liveness check. - type: list - contains: - hostname: - description: - - The Hostname of this endpoint - type: str - ip: - description: - - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local - (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 - is also accepted but not fully supported on all platforms. Also, - certain kubernetes components, like kube-proxy, are not IPv6 ready. - type: str - node_name: - description: - - 'Optional: Node hosting this endpoint. This can be used to determine - endpoints local to a node.' - type: str - target_ref: - description: - - Reference to object providing the endpoint. - type: complex - ports: - description: - - Port numbers available on the related IP addresses. - type: list - contains: - name: - description: - - The name of this port (corresponds to ServicePort.Name). Must - be a DNS_LABEL. Optional only if one port is defined. - type: str - port: - description: - - The port number of the endpoint. - type: int - protocol: - description: - - The IP protocol for this port. Must be UDP or TCP. Default is - TCP. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('endpoints_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_event.py b/library/k8s_v1_event.py deleted file mode 100644 index 93e5296f..00000000 --- a/library/k8s_v1_event.py +++ /dev/null @@ -1,261 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_event -short_description: Kubernetes Event -description: -- Manage the lifecycle of a event object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - count: - description: - - The number of times this event has occurred. - type: int - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - first_timestamp: - description: - - The time at which the event was first recorded. (Time of server receipt is in - TypeMeta.) - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - involved_object_api_version: - description: - - API version of the referent. - aliases: - - api_version - involved_object_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - involved_object_kind: - description: - - Kind of the referent. - aliases: - - kind - involved_object_name: - description: - - Name of the referent. - involved_object_namespace: - description: - - Namespace of the referent. - involved_object_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - involved_object_uid: - description: - - UID of the referent. - aliases: - - uid - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - last_timestamp: - description: - - The time at which the most recent occurrence of this event was recorded. - message: - description: - - A human-readable description of the status of this operation. - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - reason: - description: - - This should be a short, machine understandable string that gives the reason - for the transition into the object's current status. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - source_component: - description: - - Component from which the event is generated. - aliases: - - component - source_host: - description: - - Node name on which the event is generated. - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - count: - description: - - The number of times this event has occurred. - type: int - first_timestamp: - description: - - The time at which the event was first recorded. (Time of server receipt is - in TypeMeta.) - type: complex - contains: {} - involved_object: - description: - - The object that this event is about. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - last_timestamp: - description: - - The time at which the most recent occurrence of this event was recorded. - type: complex - contains: {} - message: - description: - - A human-readable description of the status of this operation. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - reason: - description: - - This should be a short, machine understandable string that gives the reason - for the transition into the object's current status. - type: str - source: - description: - - The component reporting this event. Should be a short machine understandable - string. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('event', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_event_list.py b/library/k8s_v1_event_list.py deleted file mode 100644 index 717b2033..00000000 --- a/library/k8s_v1_event_list.py +++ /dev/null @@ -1,195 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_event_list -short_description: Kubernetes EventList -description: -- Retrieve a list of events. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of events - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - count: - description: - - The number of times this event has occurred. - type: int - first_timestamp: - description: - - The time at which the event was first recorded. (Time of server receipt - is in TypeMeta.) - type: complex - contains: {} - involved_object: - description: - - The object that this event is about. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - last_timestamp: - description: - - The time at which the most recent occurrence of this event was recorded. - type: complex - contains: {} - message: - description: - - A human-readable description of the status of this operation. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - reason: - description: - - This should be a short, machine understandable string that gives the reason - for the transition into the object's current status. - type: str - source: - description: - - The component reporting this event. Should be a short machine understandable - string. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the - future - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('event_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_horizontal_pod_autoscaler.py b/library/k8s_v1_horizontal_pod_autoscaler.py deleted file mode 100644 index 32d78042..00000000 --- a/library/k8s_v1_horizontal_pod_autoscaler.py +++ /dev/null @@ -1,211 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_horizontal_pod_autoscaler -short_description: Kubernetes HorizontalPodAutoscaler -description: -- Manage the lifecycle of a horizontal_pod_autoscaler object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_max_replicas: - description: - - upper limit for the number of pods that can be set by the autoscaler; cannot - be smaller than MinReplicas. - aliases: - - max_replicas - type: int - spec_min_replicas: - description: - - lower limit for the number of pods that can be set by the autoscaler, default - 1. - aliases: - - min_replicas - type: int - spec_scale_target_ref_api_version: - description: - - API version of the referent - aliases: - - scale_target_ref_api_version - spec_scale_target_ref_kind: - description: - - Kind of the referent; - aliases: - - scale_target_ref_kind - spec_scale_target_ref_name: - description: - - Name of the referent; - aliases: - - scale_target_ref_name - spec_target_cpu_utilization_percentage: - description: - - target average CPU utilization (represented as a percentage of requested CPU) - over all the pods; if not specified the default autoscaling policy will be used. - aliases: - - target_cpu_utilization_percentage - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create replica set - k8s_v1_horizontal_pod_autoscaler.yml: - name: test-scaler - namespace: test - state: present - scale_target_ref_kind: ReplicaSet - scale_target_ref_name: test - min_replicas: 2 - max_replicas: 5 -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - behaviour of autoscaler. - type: complex - status: - description: - - current information about the autoscaler. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_horizontal_pod_autoscaler_list.py b/library/k8s_v1_horizontal_pod_autoscaler_list.py deleted file mode 100644 index e2264057..00000000 --- a/library/k8s_v1_horizontal_pod_autoscaler_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_horizontal_pod_autoscaler_list -short_description: Kubernetes HorizontalPodAutoscalerList -description: -- Retrieve a list of horizontal_pod_autoscalers. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - list of horizontal pod autoscaler objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - behaviour of autoscaler. - type: complex - status: - description: - - current information about the autoscaler. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_job.py b/library/k8s_v1_job.py deleted file mode 100644 index ff6dc77d..00000000 --- a/library/k8s_v1_job.py +++ /dev/null @@ -1,547 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_job -short_description: Kubernetes Job -description: -- Manage the lifecycle of a job object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_active_deadline_seconds: - description: - - Specifies the duration in seconds relative to the startTime that the job may - be active before the system tries to terminate it; value must be positive integer - aliases: - - active_deadline_seconds - type: int - spec_backoff_limit: - description: - - Specifies the number of retries before marking this job failed. Defaults to - 6 - aliases: - - backoff_limit - type: int - spec_completions: - description: - - Specifies the desired number of successfully finished pods the job should be - run with. Setting to nil means that the success of any pod signals the success - of all pods, and allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that pod signals the - success of the job. - aliases: - - completions - type: int - spec_manual_selector: - description: - - manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` - unset unless you are certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the pod template. - When true, the user is responsible for picking unique labels and specifying - the selector. Failure to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` in jobs that - were created with the old `extensions/v1beta1` API. - aliases: - - manual_selector - type: bool - spec_parallelism: - description: - - Specifies the maximum desired number of pods the job should run at any given - time. The actual number of pods running in steady state will be less than this - number when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - aliases: - - parallelism - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -job: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a job. - type: complex - status: - description: - - Current status of a job. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('job', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_job_list.py b/library/k8s_v1_job_list.py deleted file mode 100644 index 7776e7d1..00000000 --- a/library/k8s_v1_job_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_job_list -short_description: Kubernetes JobList -description: -- Retrieve a list of jobs. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -job_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of Jobs. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a job. - type: complex - status: - description: - - Current status of a job. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('job_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_limit_range.py b/library/k8s_v1_limit_range.py deleted file mode 100644 index dbb4a749..00000000 --- a/library/k8s_v1_limit_range.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_limit_range -short_description: Kubernetes LimitRange -description: -- Manage the lifecycle of a limit_range object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_limits: - description: - - Limits is the list of LimitRangeItem objects that are enforced. - aliases: - - limits - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -limit_range: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the limits enforced. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('limit_range', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_limit_range_list.py b/library/k8s_v1_limit_range_list.py deleted file mode 100644 index b00e29b5..00000000 --- a/library/k8s_v1_limit_range_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_limit_range_list -short_description: Kubernetes LimitRangeList -description: -- Retrieve a list of limit_ranges. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -limit_range_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of LimitRange objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the limits enforced. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('limit_range_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_local_subject_access_review.py b/library/k8s_v1_local_subject_access_review.py deleted file mode 100644 index c919e650..00000000 --- a/library/k8s_v1_local_subject_access_review.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_local_subject_access_review -short_description: Kubernetes LocalSubjectAccessReview -description: -- Manage the lifecycle of a local_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_groups: - description: - - Groups is the groups you're testing for. - aliases: - - groups - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Groups", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -local_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. spec.namespace must - be equal to the namespace you made the request against. If empty, it is defaulted. - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('local_subject_access_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_namespace.py b/library/k8s_v1_namespace.py deleted file mode 100644 index 895760e8..00000000 --- a/library/k8s_v1_namespace.py +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_namespace -short_description: Kubernetes Namespace -description: -- Manage the lifecycle of a namespace object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_finalizers: - description: - - Finalizers is an opaque list of values that must be empty to permanently remove - object from storage. - aliases: - - finalizers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create a namespace - k8s_v1_namespace.yml: - name: k8s-namespace - state: present - -- name: Add labels and annotations - k8s_v1_namespace.yml: - name: k8s-namespace - state: present - labels: - app_env: production - app_class: '3' - annotations: - domain: namespace.com.acmecorp - -- name: Update labels and annotations - k8s_v1_namespace.yml: - name: k8s-namespace - state: present - labels: - app_env: production - app_class: '4' - app_group: '2' - annotations: - domain: namespace.app.com.acmecorp - monitoring_group: '1' - -- name: Create a namespace - k8s_v1_namespace.yml: - name: search-namespace - state: present - labels: - app: web - level: '1' - annotations: - company: acme.com - -- name: Replace namespace - k8s_v1_namespace.yml: - name: search-namespace - state: replaced - labels: - app: web_app - level: '3' - annotations: - company: acme.com - -- name: Remove namespace - k8s_v1_namespace.yml: - name: search-namespace - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -namespace: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('namespace', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_namespace_list.py b/library/k8s_v1_namespace_list.py deleted file mode 100644 index fb05ddb6..00000000 --- a/library/k8s_v1_namespace_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_namespace_list -short_description: Kubernetes NamespaceList -description: -- Retrieve a list of namespaces. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -namespace_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Namespace objects in the list. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('namespace_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_network_policy.py b/library/k8s_v1_network_policy.py deleted file mode 100644 index 9bd5f813..00000000 --- a/library/k8s_v1_network_policy.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_network_policy -short_description: Kubernetes NetworkPolicy -description: -- Manage the lifecycle of a network_policy object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_egress: - description: - - List of egress rules to be applied to the selected pods. Outgoing traffic is - allowed if there are no NetworkPolicies selecting the pod (and cluster policy - otherwise allows the traffic), OR if the traffic matches at least one egress - rule across all of the NetworkPolicy objects whose podSelector matches the pod. - If this field is empty then this NetworkPolicy limits all outgoing traffic (and - serves solely to ensure that the pods it selects are isolated by default). This - field is beta-level in 1.8 - aliases: - - egress - type: list - spec_ingress: - description: - - List of ingress rules to be applied to the selected pods. Traffic is allowed - to a pod if there are no NetworkPolicies selecting the pod (and cluster policy - otherwise allows the traffic), OR if the traffic source is the pod's local node, - OR if the traffic matches at least one ingress rule across all of the NetworkPolicy - objects whose podSelector matches the pod. If this field is empty then this - NetworkPolicy does not allow any traffic (and serves solely to ensure that the - pods it selects are isolated by default) - aliases: - - ingress - type: list - spec_pod_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - pod_selector_match_expressions - type: list - spec_pod_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - pod_selector_match_labels - type: dict - spec_policy_types: - description: - - List of rule types that the NetworkPolicy relates to. Valid options are Ingress, - Egress, or Ingress,Egress. If this field is not specified, it will default based - on the existence of Ingress or Egress rules; policies that contain an Egress - section are assumed to affect Egress, and all policies (whether or not they - contain an Ingress section) are assumed to affect Ingress. If you want to write - an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. - Likewise, if you want to write a policy that specifies that no egress is allowed, - you must specify a policyTypes value that include "Egress" (since such a policy - would not include an Egress section and would otherwise default to just [ "Ingress" - ]). This field is beta-level in 1.8 - aliases: - - policy_types - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_network_policy_list.py b/library/k8s_v1_network_policy_list.py deleted file mode 100644 index 70148432..00000000 --- a/library/k8s_v1_network_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_network_policy_list -short_description: Kubernetes NetworkPolicyList -description: -- Retrieve a list of network_policys. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_node.py b/library/k8s_v1_node.py deleted file mode 100644 index d54cc265..00000000 --- a/library/k8s_v1_node.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_node -short_description: Kubernetes Node -description: -- Manage the lifecycle of a node object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_config_source_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - _source_api_version - spec_config_source_config_map_ref_api_version: - description: - - API version of the referent. - aliases: - - _source__map_ref_api_version - spec_config_source_config_map_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - _source__map_ref_field_path - spec_config_source_config_map_ref_kind: - description: - - Kind of the referent. - aliases: - - _source__map_ref_kind - spec_config_source_config_map_ref_name: - description: - - Name of the referent. - aliases: - - _source__map_ref_name - spec_config_source_config_map_ref_namespace: - description: - - Namespace of the referent. - aliases: - - _source__map_ref_namespace - spec_config_source_config_map_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - _source__map_ref_resource_version - spec_config_source_config_map_ref_uid: - description: - - UID of the referent. - aliases: - - _source__map_ref_uid - spec_config_source_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - _source_kind - spec_external_id: - description: - - External ID of the node assigned by some machine database (e.g. a cloud provider). - Deprecated. - aliases: - - external_id - spec_pod_cidr: - description: - - PodCIDR represents the pod IP range assigned to the node. - aliases: - - pod_cidr - spec_provider_id: - description: - - 'ID of the node assigned by the cloud provider in the format: ://' - aliases: - - provider_id - spec_taints: - description: - - If specified, the node's taints. - aliases: - - taints - type: list - spec_unschedulable: - description: - - Unschedulable controls node schedulability of new pods. By default, node is - schedulable. - aliases: - - unschedulable - type: bool - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -node: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a node. - type: complex - status: - description: - - Most recently observed status of the node. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('node', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_node_list.py b/library/k8s_v1_node_list.py deleted file mode 100644 index 97d419e0..00000000 --- a/library/k8s_v1_node_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_node_list -short_description: Kubernetes NodeList -description: -- Retrieve a list of nodes. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -node_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of nodes - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a node. - type: complex - status: - description: - - Most recently observed status of the node. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('node_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume.py b/library/k8s_v1_persistent_volume.py deleted file mode 100644 index 44ad9b37..00000000 --- a/library/k8s_v1_persistent_volume.py +++ /dev/null @@ -1,867 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume -short_description: Kubernetes PersistentVolume -description: -- Manage the lifecycle of a persistent_volume object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_access_modes: - description: - - AccessModes contains all ways the volume can be mounted. - aliases: - - access_modes - type: list - spec_aws_elastic_block_store_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - aws_elastic_block_store_fs_type - spec_aws_elastic_block_store_partition: - description: - - 'The partition in the volume that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume /dev/sda1, you specify the - partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you - can leave the property empty).' - aliases: - - aws_elastic_block_store_partition - type: int - spec_aws_elastic_block_store_read_only: - description: - - Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". - If omitted, the default is "false". - aliases: - - aws_elastic_block_store_read_only - type: bool - spec_aws_elastic_block_store_volume_id: - description: - - Unique ID of the persistent disk resource in AWS (Amazon EBS volume). - aliases: - - aws_elastic_block_store_volume_id - spec_azure_disk_caching_mode: - description: - - 'Host Caching mode: None, Read Only, Read Write.' - aliases: - - azure_disk_caching_mode - spec_azure_disk_disk_name: - description: - - The Name of the data disk in the blob storage - aliases: - - azure_disk_disk_name - spec_azure_disk_disk_uri: - description: - - The URI the data disk in the blob storage - aliases: - - azure_disk_disk_uri - spec_azure_disk_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - azure_disk_fs_type - spec_azure_disk_kind: - description: - - 'Expected values Shared: mulitple blob disks per storage account Dedicated: - single blob disk per storage account Managed: azure managed data disk (only - in managed availability set). defaults to shared' - aliases: - - azure_disk_kind - spec_azure_disk_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - azure_disk_read_only - type: bool - spec_azure_file_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - azure_file_read_only - type: bool - spec_azure_file_secret_name: - description: - - the name of secret that contains Azure Storage Account Name and Key - aliases: - - azure_file_secret_name - spec_azure_file_secret_namespace: - description: - - the namespace of the secret that contains Azure Storage Account Name and Key - default is the same as the Pod - aliases: - - azure_file_secret_namespace - spec_azure_file_share_name: - description: - - Share Name - aliases: - - azure_file_share_name - spec_capacity: - description: - - A description of the persistent volume's resources and capacity. - aliases: - - capacity - type: dict - spec_cephfs_monitors: - description: - - 'Required: Monitors is a collection of Ceph monitors' - aliases: - - cephfs_monitors - type: list - spec_cephfs_path: - description: - - 'Optional: Used as the mounted root, rather than the full Ceph tree, default - is /' - aliases: - - cephfs_path - spec_cephfs_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - cephfs_read_only - type: bool - spec_cephfs_secret_file: - description: - - 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret' - aliases: - - cephfs_secret_file - spec_cephfs_secret_ref_name: - description: - - Name is unique within a namespace to reference a secret resource. - aliases: - - cephfs_secret_ref_name - spec_cephfs_secret_ref_namespace: - description: - - Namespace defines the space within which the secret name must be unique. - aliases: - - cephfs_secret_ref_namespace - spec_cephfs_user: - description: - - 'Optional: User is the rados user name, default is admin' - aliases: - - cephfs_user - spec_cinder_fs_type: - description: - - 'Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified.' - aliases: - - cinder_fs_type - spec_cinder_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - cinder_read_only - type: bool - spec_cinder_volume_id: - description: - - volume id used to identify the volume in cinder - aliases: - - cinder_volume_id - spec_claim_ref_api_version: - description: - - API version of the referent. - aliases: - - claim_ref_api_version - spec_claim_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - claim_ref_field_path - spec_claim_ref_kind: - description: - - Kind of the referent. - aliases: - - claim_ref_kind - spec_claim_ref_name: - description: - - Name of the referent. - aliases: - - claim_ref_name - spec_claim_ref_namespace: - description: - - Namespace of the referent. - aliases: - - claim_ref_namespace - spec_claim_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - claim_ref_resource_version - spec_claim_ref_uid: - description: - - UID of the referent. - aliases: - - claim_ref_uid - spec_fc_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - fc_fs_type - spec_fc_lun: - description: - - 'Optional: FC target lun number' - aliases: - - fc_lun - type: int - spec_fc_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - fc_read_only - type: bool - spec_fc_target_ww_ns: - description: - - 'Optional: FC target worldwide names (WWNs)' - aliases: - - fc_target_ww_ns - type: list - spec_fc_wwids: - description: - - 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both simultaneously.' - aliases: - - fc_wwids - type: list - spec_flex_volume_driver: - description: - - Driver is the name of the driver to use for this volume. - aliases: - - flex_volume_driver - spec_flex_volume_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume - script. - aliases: - - flex_volume_fs_type - spec_flex_volume_options: - description: - - 'Optional: Extra command options if any.' - aliases: - - flex_volume_options - type: dict - spec_flex_volume_read_only: - description: - - 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - aliases: - - flex_volume_read_only - type: bool - spec_flex_volume_secret_ref_name: - description: - - Name of the referent. - aliases: - - flex_volume_secret_ref_name - spec_flocker_dataset_name: - description: - - Name of the dataset stored as metadata -> name on the dataset for Flocker should - be considered as deprecated - aliases: - - flocker_dataset_name - spec_flocker_dataset_uuid: - description: - - UUID of the dataset. This is unique identifier of a Flocker dataset - aliases: - - flocker_dataset_uuid - spec_gce_persistent_disk_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - gce_persistent_disk_fs_type - spec_gce_persistent_disk_partition: - description: - - 'The partition in the volume that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume /dev/sda1, you specify the - partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you - can leave the property empty).' - aliases: - - gce_persistent_disk_partition - type: int - spec_gce_persistent_disk_pd_name: - description: - - Unique name of the PD resource in GCE. Used to identify the disk in GCE. - aliases: - - gce_persistent_disk_pd_name - spec_gce_persistent_disk_read_only: - description: - - ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. - aliases: - - gce_persistent_disk_read_only - type: bool - spec_glusterfs_endpoints: - description: - - EndpointsName is the endpoint name that details Glusterfs topology. - aliases: - - glusterfs_endpoints - spec_glusterfs_path: - description: - - Path is the Glusterfs volume path. - aliases: - - glusterfs_path - spec_glusterfs_read_only: - description: - - ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. - Defaults to false. - aliases: - - glusterfs_read_only - type: bool - spec_host_path_path: - description: - - Path of the directory on the host. If the path is a symlink, it will follow - the link to the real path. - aliases: - - host_path_path - spec_host_path_type: - description: - - Type for HostPath Volume Defaults to "" - aliases: - - host_path_type - spec_iscsi_chap_auth_discovery: - description: - - whether support iSCSI Discovery CHAP authentication - aliases: - - iscsi_chap_auth_discovery - type: bool - spec_iscsi_chap_auth_session: - description: - - whether support iSCSI Session CHAP authentication - aliases: - - iscsi_chap_auth_session - type: bool - spec_iscsi_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - iscsi_fs_type - spec_iscsi_initiator_name: - description: - - Custom iSCSI initiator name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created - for the connection. - aliases: - - iscsi_initiator_name - spec_iscsi_iqn: - description: - - Target iSCSI Qualified Name. - aliases: - - iscsi_iqn - spec_iscsi_iscsi_interface: - description: - - "Optional: Defaults to 'default' (tcp). iSCSI interface name that uses an iSCSI\ - \ transport." - aliases: - - iscsi_iscsi_interface - spec_iscsi_lun: - description: - - iSCSI target lun number. - aliases: - - iscsi_lun - type: int - spec_iscsi_portals: - description: - - iSCSI target portal List. The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports 860 and 3260). - aliases: - - iscsi_portals - type: list - spec_iscsi_read_only: - description: - - ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. - aliases: - - iscsi_read_only - type: bool - spec_iscsi_secret_ref_name: - description: - - Name of the referent. - aliases: - - iscsi_secret_ref_name - spec_iscsi_target_portal: - description: - - iSCSI target portal. The portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and 3260). - aliases: - - iscsi_target_portal - spec_local_path: - description: - - The full path to the volume on the node For alpha, this path must be a directory - Once block as a source is supported, then this path can point to a block device - aliases: - - local_path - spec_mount_options: - description: - - A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply - fail if one is invalid. - aliases: - - mount_options - type: list - spec_nfs_path: - description: - - Path that is exported by the NFS server. - aliases: - - nfs_path - spec_nfs_read_only: - description: - - ReadOnly here will force the NFS export to be mounted with read-only permissions. - Defaults to false. - aliases: - - nfs_read_only - type: bool - spec_nfs_server: - description: - - Server is the hostname or IP address of the NFS server. - aliases: - - nfs_server - spec_persistent_volume_reclaim_policy: - description: - - What happens to a persistent volume when released from its claim. Valid options - are Retain (default) and Recycle. Recycling must be supported by the volume - plugin underlying this persistent volume. - aliases: - - persistent_volume_reclaim_policy - spec_photon_persistent_disk_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - photon_persistent_disk_fs_type - spec_photon_persistent_disk_pd_id: - description: - - ID that identifies Photon Controller persistent disk - aliases: - - photon_persistent_disk_pd_id - spec_portworx_volume_fs_type: - description: - - FSType represents the filesystem type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - aliases: - - portworx_volume_fs_type - spec_portworx_volume_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - portworx_volume_read_only - type: bool - spec_portworx_volume_volume_id: - description: - - VolumeID uniquely identifies a Portworx volume - aliases: - - portworx_volume_volume_id - spec_quobyte_group: - description: - - Group to map volume access to Default is no group - aliases: - - quobyte_group - spec_quobyte_read_only: - description: - - ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. - aliases: - - quobyte_read_only - type: bool - spec_quobyte_registry: - description: - - Registry represents a single or multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries are separated with commas) which - acts as the central registry for volumes - aliases: - - quobyte_registry - spec_quobyte_user: - description: - - User to map volume access to Defaults to serivceaccount user - aliases: - - quobyte_user - spec_quobyte_volume: - description: - - Volume is a string that references an already created Quobyte volume by name. - aliases: - - quobyte_volume - spec_rbd_fs_type: - description: - - 'Filesystem type of the volume that you want to mount. Tip: Ensure that the - filesystem type is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.' - aliases: - - rbd_fs_type - spec_rbd_image: - description: - - The rados image name. - aliases: - - rbd_image - spec_rbd_keyring: - description: - - Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. - aliases: - - rbd_keyring - spec_rbd_monitors: - description: - - A collection of Ceph monitors. - aliases: - - rbd_monitors - type: list - spec_rbd_pool: - description: - - The rados pool name. Default is rbd. - aliases: - - rbd_pool - spec_rbd_read_only: - description: - - ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. - aliases: - - rbd_read_only - type: bool - spec_rbd_secret_ref_name: - description: - - Name of the referent. - aliases: - - rbd_secret_ref_name - spec_rbd_user: - description: - - The rados user name. Default is admin. - aliases: - - rbd_user - spec_scale_io_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - scale_io_fs_type - spec_scale_io_gateway: - description: - - The host address of the ScaleIO API Gateway. - aliases: - - scale_io_gateway - spec_scale_io_protection_domain: - description: - - The name of the ScaleIO Protection Domain for the configured storage. - aliases: - - scale_io_protection_domain - spec_scale_io_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - scale_io_read_only - type: bool - spec_scale_io_secret_ref_name: - description: - - Name is unique within a namespace to reference a secret resource. - aliases: - - scale_io_secret_ref_name - spec_scale_io_secret_ref_namespace: - description: - - Namespace defines the space within which the secret name must be unique. - aliases: - - scale_io_secret_ref_namespace - spec_scale_io_ssl_enabled: - description: - - Flag to enable/disable SSL communication with Gateway, default false - aliases: - - scale_io_ssl_enabled - type: bool - spec_scale_io_storage_mode: - description: - - Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - aliases: - - scale_io_storage_mode - spec_scale_io_storage_pool: - description: - - The ScaleIO Storage Pool associated with the protection domain. - aliases: - - scale_io_storage_pool - spec_scale_io_system: - description: - - The name of the storage system as configured in ScaleIO. - aliases: - - scale_io_system - spec_scale_io_volume_name: - description: - - The name of a volume already created in the ScaleIO system that is associated - with this volume source. - aliases: - - scale_io_volume_name - spec_storage_class_name: - description: - - Name of StorageClass to which this persistent volume belongs. Empty value means - that this volume does not belong to any StorageClass. - aliases: - - storage_class_name - spec_storageos_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - storageos_fs_type - spec_storageos_read_only: - description: - - Defaults to false (read/write). ReadOnly here will force the ReadOnly setting - in VolumeMounts. - aliases: - - storageos_read_only - type: bool - spec_storageos_secret_ref_api_version: - description: - - API version of the referent. - aliases: - - storageos_secret_ref_api_version - spec_storageos_secret_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - storageos_secret_ref_field_path - spec_storageos_secret_ref_kind: - description: - - Kind of the referent. - aliases: - - storageos_secret_ref_kind - spec_storageos_secret_ref_name: - description: - - Name of the referent. - aliases: - - storageos_secret_ref_name - spec_storageos_secret_ref_namespace: - description: - - Namespace of the referent. - aliases: - - storageos_secret_ref_namespace - spec_storageos_secret_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - storageos_secret_ref_resource_version - spec_storageos_secret_ref_uid: - description: - - UID of the referent. - aliases: - - storageos_secret_ref_uid - spec_storageos_volume_name: - description: - - VolumeName is the human-readable name of the StorageOS volume. Volume names - are only unique within a namespace. - aliases: - - storageos_volume_name - spec_storageos_volume_namespace: - description: - - VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be used. This allows the Kubernetes - name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set to "default" if you are not - using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS - will be created. - aliases: - - storageos_volume_namespace - spec_vsphere_volume_fs_type: - description: - - Filesystem type to mount. Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - aliases: - - vsphere_volume_fs_type - spec_vsphere_volume_storage_policy_id: - description: - - Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - aliases: - - vsphere_volume_storage_policy_id - spec_vsphere_volume_storage_policy_name: - description: - - Storage Policy Based Management (SPBM) profile name. - aliases: - - vsphere_volume_storage_policy_name - spec_vsphere_volume_volume_path: - description: - - Path that identifies vSphere volume vmdk - aliases: - - vsphere_volume_volume_path - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create persitent volume - k8s_v1_persistent_volume.yml: - name: mypv - state: present - capacity: - storage: 1Gi - access_modes: - - ReadWriteOnce - persistent_volume_reclaim_policy: Recycle - host_path_path: /tmp/test_volume -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines a specification of a persistent volume owned by the cluster. - Provisioned by an administrator. - type: complex - status: - description: - - Status represents the current information/status for the persistent volume. - Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume_claim.py b/library/k8s_v1_persistent_volume_claim.py deleted file mode 100644 index 8e415203..00000000 --- a/library/k8s_v1_persistent_volume_claim.py +++ /dev/null @@ -1,222 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume_claim -short_description: Kubernetes PersistentVolumeClaim -description: -- Manage the lifecycle of a persistent_volume_claim object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_access_modes: - description: - - AccessModes contains the desired access modes the volume should have. - aliases: - - access_modes - type: list - spec_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - resources_limits - type: dict - spec_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - resources_requests - type: dict - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_storage_class_name: - description: - - Name of the StorageClass required by the claim. - aliases: - - storage_class_name - spec_volume_name: - description: - - VolumeName is the binding reference to the PersistentVolume backing this claim. - aliases: - - volume_name - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create persitent volume claim - k8s_v1_persistent_volume_claim.yml: - name: mypvc - namespace: demo_project - state: present - access_modes: - - ReadWriteOnce - resources_requests: - storage: 1Gi -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume_claim: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired characteristics of a volume requested by a pod author. - type: complex - status: - description: - - Status represents the current information/status of a persistent volume claim. - Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume_claim', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume_claim_list.py b/library/k8s_v1_persistent_volume_claim_list.py deleted file mode 100644 index 84934639..00000000 --- a/library/k8s_v1_persistent_volume_claim_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume_claim_list -short_description: Kubernetes PersistentVolumeClaimList -description: -- Retrieve a list of persistent_volume_claims. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume_claim_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of persistent volume claims. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired characteristics of a volume requested by a pod - author. - type: complex - status: - description: - - Status represents the current information/status of a persistent volume - claim. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume_claim_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_persistent_volume_list.py b/library/k8s_v1_persistent_volume_list.py deleted file mode 100644 index 457de3c5..00000000 --- a/library/k8s_v1_persistent_volume_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_persistent_volume_list -short_description: Kubernetes PersistentVolumeList -description: -- Retrieve a list of persistent_volumes. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -persistent_volume_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of persistent volumes. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines a specification of a persistent volume owned by the cluster. - Provisioned by an administrator. - type: complex - status: - description: - - Status represents the current information/status for the persistent volume. - Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('persistent_volume_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod.py b/library/k8s_v1_pod.py deleted file mode 100644 index e2b19d52..00000000 --- a/library/k8s_v1_pod.py +++ /dev/null @@ -1,466 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod -short_description: Kubernetes Pod -description: -- Manage the lifecycle of a pod object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the pod. - type: complex - status: - description: - - Most recently observed status of the pod. This data may not be up to date. - Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod_list.py b/library/k8s_v1_pod_list.py deleted file mode 100644 index 5236efc0..00000000 --- a/library/k8s_v1_pod_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod_list -short_description: Kubernetes PodList -description: -- Retrieve a list of pods. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of pods. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the pod. - type: complex - status: - description: - - Most recently observed status of the pod. This data may not be up to date. - Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod_template.py b/library/k8s_v1_pod_template.py deleted file mode 100644 index 0e367390..00000000 --- a/library/k8s_v1_pod_template.py +++ /dev/null @@ -1,484 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod_template -short_description: Kubernetes PodTemplate -description: -- Manage the lifecycle of a pod_template object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_template: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - template: - description: - - Template defines the pods that will be created from this pod template. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_template', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_pod_template_list.py b/library/k8s_v1_pod_template_list.py deleted file mode 100644 index 38223dc4..00000000 --- a/library/k8s_v1_pod_template_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_pod_template_list -short_description: Kubernetes PodTemplateList -description: -- Retrieve a list of pod_templates. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_template_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of pod templates - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - template: - description: - - Template defines the pods that will be created from this pod template. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_template_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_replication_controller.py b/library/k8s_v1_replication_controller.py deleted file mode 100644 index 5e12b183..00000000 --- a/library/k8s_v1_replication_controller.py +++ /dev/null @@ -1,517 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_replication_controller -short_description: Kubernetes ReplicationController -description: -- Manage the lifecycle of a replication_controller object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector: - description: - - Selector is a label query over pods that should match the Replicas count. If - Selector is empty, it is defaulted to the labels present on the Pod template. - Label keys and values that must match in order to be controlled by this replication - controller, if empty defaulted to labels on Pod template. - aliases: - - selector - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replication_controller: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicationController are empty, they are defaulted to - be the same as the Pod(s) that the replication controller manages. Standard - object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the replication - controller. - type: complex - status: - description: - - Status is the most recently observed status of the replication controller. - This data may be out of date by some window of time. Populated by the system. - Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replication_controller', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_replication_controller_list.py b/library/k8s_v1_replication_controller_list.py deleted file mode 100644 index 33af9445..00000000 --- a/library/k8s_v1_replication_controller_list.py +++ /dev/null @@ -1,170 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_replication_controller_list -short_description: Kubernetes ReplicationControllerList -description: -- Retrieve a list of replication_controllers. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replication_controller_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of replication controllers. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicationController are empty, they are defaulted - to be the same as the Pod(s) that the replication controller manages. - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the replication - controller. - type: complex - status: - description: - - Status is the most recently observed status of the replication controller. - This data may be out of date by some window of time. Populated by the - system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replication_controller_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_resource_quota.py b/library/k8s_v1_resource_quota.py deleted file mode 100644 index fcd7bd53..00000000 --- a/library/k8s_v1_resource_quota.py +++ /dev/null @@ -1,179 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_resource_quota -short_description: Kubernetes ResourceQuota -description: -- Manage the lifecycle of a resource_quota object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_hard: - description: - - Hard is the set of desired hard limits for each named resource. - aliases: - - hard - type: dict - spec_scopes: - description: - - A collection of filters that must match each object tracked by a quota. If not - specified, the quota matches all objects. - aliases: - - scopes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -resource_quota: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota. - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('resource_quota', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_resource_quota_list.py b/library/k8s_v1_resource_quota_list.py deleted file mode 100644 index 099ae40b..00000000 --- a/library/k8s_v1_resource_quota_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_resource_quota_list -short_description: Kubernetes ResourceQuotaList -description: -- Retrieve a list of resource_quotas. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -resource_quota_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ResourceQuota objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota. - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('resource_quota_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role.py b/library/k8s_v1_role.py deleted file mode 100644 index 5d65dc65..00000000 --- a/library/k8s_v1_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role -short_description: Kubernetes Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role_binding.py b/library/k8s_v1_role_binding.py deleted file mode 100644 index cade4763..00000000 --- a/library/k8s_v1_role_binding.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role_binding -short_description: Kubernetes RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole in - the global namespace. If the RoleRef cannot be resolved, the Authorizer must - return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role_binding_list.py b/library/k8s_v1_role_binding_list.py deleted file mode 100644 index d00d147a..00000000 --- a/library/k8s_v1_role_binding_list.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role_binding_list -short_description: Kubernetes RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole - in the global namespace. If the RoleRef cannot be resolved, the Authorizer - must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_role_list.py b/library/k8s_v1_role_list.py deleted file mode 100644 index 42bf32da..00000000 --- a/library/k8s_v1_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_role_list -short_description: Kubernetes RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_scale.py b/library/k8s_v1_scale.py deleted file mode 100644 index f86e4566..00000000 --- a/library/k8s_v1_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_secret.py b/library/k8s_v1_secret.py deleted file mode 100644 index 57c839e2..00000000 --- a/library/k8s_v1_secret.py +++ /dev/null @@ -1,195 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_secret -short_description: Kubernetes Secret -description: -- Manage the lifecycle of a secret object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data: - description: - - Data contains the secret data. Each key must consist of alphanumeric characters, - '-', '_' or '.'. The serialized form of the secret data is a base64 encoded - string, representing the arbitrary (possibly non-string) data value here. Described - in - type: dict - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - string_data: - description: - - stringData allows specifying non-binary secret data in string form. It is provided - as a write-only convenience method. All keys and values are merged into the - data field on write, overwriting any existing values. It is never output when - reading from the API. - type: dict - type: - description: - - Used to facilitate programmatic handling of secret data. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -secret: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data contains the secret data. Each key must consist of alphanumeric characters, - '-', '_' or '.'. The serialized form of the secret data is a base64 encoded - string, representing the arbitrary (possibly non-string) data value here. - Described in - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - string_data: - description: - - stringData allows specifying non-binary secret data in string form. It is - provided as a write-only convenience method. All keys and values are merged - into the data field on write, overwriting any existing values. It is never - output when reading from the API. - type: complex - contains: str, str - type: - description: - - Used to facilitate programmatic handling of secret data. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('secret', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_secret_list.py b/library/k8s_v1_secret_list.py deleted file mode 100644 index 38b12479..00000000 --- a/library/k8s_v1_secret_list.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_secret_list -short_description: Kubernetes SecretList -description: -- Retrieve a list of secrets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -secret_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of secret objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data contains the secret data. Each key must consist of alphanumeric characters, - '-', '_' or '.'. The serialized form of the secret data is a base64 encoded - string, representing the arbitrary (possibly non-string) data value here. - Described in - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - string_data: - description: - - stringData allows specifying non-binary secret data in string form. It - is provided as a write-only convenience method. All keys and values are - merged into the data field on write, overwriting any existing values. - It is never output when reading from the API. - type: complex - contains: str, str - type: - description: - - Used to facilitate programmatic handling of secret data. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('secret_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_self_subject_access_review.py b/library/k8s_v1_self_subject_access_review.py deleted file mode 100644 index 5f3a0a39..00000000 --- a/library/k8s_v1_self_subject_access_review.py +++ /dev/null @@ -1,194 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_self_subject_access_review -short_description: Kubernetes SelfSubjectAccessReview -description: -- Manage the lifecycle of a self_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. user and groups - must be empty - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_access_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_self_subject_rules_review.py b/library/k8s_v1_self_subject_rules_review.py deleted file mode 100644 index db641f62..00000000 --- a/library/k8s_v1_self_subject_rules_review.py +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_self_subject_rules_review -short_description: Kubernetes SelfSubjectRulesReview -description: -- Manage the lifecycle of a self_subject_rules_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_namespace: - description: - - Namespace to evaluate rules for. Required. - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. - type: complex - status: - description: - - Status is filled in by the server and indicates the set of actions a user - can perform. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_rules_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service.py b/library/k8s_v1_service.py deleted file mode 100644 index 50fe5662..00000000 --- a/library/k8s_v1_service.py +++ /dev/null @@ -1,360 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service -short_description: Kubernetes Service -description: -- Manage the lifecycle of a service object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_cluster_ip: - description: - - clusterIP is the IP address of the service and is usually assigned randomly - by the master. If an address is specified manually and is not in use by others, - it will be allocated to the service; otherwise, creation of the service will - fail. This field can not be changed through updates. Valid values are "None", - empty string (""), or a valid IP address. "None" can be specified for headless - services when proxying is not required. Only applies to types ClusterIP, NodePort, - and LoadBalancer. Ignored if type is ExternalName. - aliases: - - cluster_ip - spec_external_i_ps: - description: - - externalIPs is a list of IP addresses for which nodes in the cluster will also - accept traffic for this service. These IPs are not managed by Kubernetes. The - user is responsible for ensuring that traffic arrives at a node with this IP. - A common example is external load-balancers that are not part of the Kubernetes - system. - aliases: - - external_i_ps - type: list - spec_external_name: - description: - - externalName is the external reference that kubedns or equivalent will return - as a CNAME record for this service. No proxying will be involved. Must be a - valid DNS name and requires Type to be ExternalName. - aliases: - - external_name - spec_external_traffic_policy: - description: - - externalTrafficPolicy denotes if this Service desires to route external traffic - to node-local or cluster-wide endpoints. "Local" preserves the client source - IP and avoids a second hop for LoadBalancer and Nodeport type services, but - risks potentially imbalanced traffic spreading. "Cluster" obscures the client - source IP and may cause a second hop to another node, but should have good overall - load-spreading. - aliases: - - external_traffic_policy - spec_health_check_node_port: - description: - - healthCheckNodePort specifies the healthcheck nodePort for the service. If not - specified, HealthCheckNodePort is created by the service api backend with the - allocated nodePort. Will use user-specified nodePort value if specified by the - client. Only effects when Type is set to LoadBalancer and ExternalTrafficPolicy - is set to Local. - aliases: - - health_check_node_port - type: int - spec_load_balancer_ip: - description: - - 'Only applies to Service Type: LoadBalancer LoadBalancer will get created with - the IP specified in this field. This feature depends on whether the underlying - cloud-provider supports specifying the loadBalancerIP when a load balancer is - created. This field will be ignored if the cloud-provider does not support the - feature.' - aliases: - - load_balancer_ip - spec_load_balancer_source_ranges: - description: - - If specified and supported by the platform, this will restrict traffic through - the cloud-provider load-balancer will be restricted to the specified client - IPs. This field will be ignored if the cloud-provider does not support the feature." - aliases: - - load_balancer_source_ranges - type: list - spec_ports: - description: - - The list of ports that are exposed by this service. - aliases: - - ports - type: list - spec_publish_not_ready_addresses: - description: - - publishNotReadyAddresses, when set to true, indicates that DNS implementations - must publish the notReadyAddresses of subsets for the Endpoints associated with - the Service. The default value is false. The primary use case for setting this - field is to use a StatefulSet's Headless Service to propagate SRV records for - its Pods without respect to their readiness for purpose of peer discovery. This - field will replace the service.alpha.kubernetes.io/tolerate-unready-endpoints - when that annotation is deprecated and all clients have been converted to use - this field. - aliases: - - publish_not_ready_addresses - type: bool - spec_selector: - description: - - Route service traffic to pods with label keys and values matching this selector. - If empty or not present, the service is assumed to have an external process - managing its endpoints, which Kubernetes will not modify. Only applies to types - ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. - aliases: - - selector - type: dict - spec_session_affinity: - description: - - Supports "ClientIP" and "None". Used to maintain session affinity. Enable client - IP based session affinity. Must be ClientIP or None. Defaults to None. - aliases: - - session_affinity - spec_session_affinity_config_client_ip_timeout_seconds: - description: - - timeoutSeconds specifies the seconds of ClientIP type session sticky time. The - value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default - value is 10800(for 3 hours). - aliases: - - session_affinity__clientip_timeout_seconds - type: int - spec_type: - description: - - type determines how the Service is exposed. Defaults to ClusterIP. Valid options - are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps - to the specified externalName. "ClusterIP" allocates a cluster-internal IP address - for load-balancing to endpoints. Endpoints are determined by the selector or - if that is not specified, by manual construction of an Endpoints object. If - clusterIP is "None", no virtual IP is allocated and the endpoints are published - as a set of endpoints rather than a stable IP. "NodePort" builds on ClusterIP - and allocates a port on every node which routes to the clusterIP. "LoadBalancer" - builds on NodePort and creates an external load-balancer (if supported in the - current cloud) which routes to the clusterIP. - aliases: - - type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create service - k8s_v1_service.yml: - name: myservice - namespace: k8s-project - state: present - selector: - app: django - ports: - - port: 8765 - target_port: 8000 - name: http-port - type: ClusterIP - -- name: Patch service - k8s_v1_service.yml: - name: myservice - namespace: k8s-project - state: present - selector: - app: django - env: production - ports: - - port: 8765 - target_port: 8010 - name: http-port - - port: 8788 - target_port: 8080 - name: socket-port - type: ClusterIP - -- name: Create service - k8s_v1_service.yml: - name: myservice01 - namespace: k8s-project - state: present - selector: - app_name: service_testing - app_env: production - ports: - - port: 8888 - target_port: 8010 - name: http - type: ClusterIP - -- name: Patch service - k8s_v1_service.yml: - name: myservice01 - namespace: k8s-project - state: present - ports: - - port: 9443 - target_port: 9443 - name: https - - port: 8888 - target_port: 8015 - name: http - -- name: Repace service - k8s_v1_service.yml: - name: myservice01 - namespace: k8s-project - state: replaced - selector: - app_name: web_site - app_env: testing - ports: - - port: 9999 - target_port: 9999 - name: https - - port: 8080 - target_port: 8080 - name: http - type: NodePort -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a service. - type: complex - status: - description: - - Most recently observed status of the service. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service_account.py b/library/k8s_v1_service_account.py deleted file mode 100644 index 6c397c4e..00000000 --- a/library/k8s_v1_service_account.py +++ /dev/null @@ -1,235 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service_account -short_description: Kubernetes ServiceAccount -description: -- Manage the lifecycle of a service_account object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether pods running as this service - account should have an API token automatically mounted. Can be overridden at - the pod level. - type: bool - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_pull_secrets: - description: - - ImagePullSecrets is a list of references to secrets in the same namespace to - use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets - are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets - are only accessed by the kubelet. - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - secrets: - description: - - Secrets is the list of secrets allowed to be used by pods running using this - ServiceAccount. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service_account: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether pods running as this service - account should have an API token automatically mounted. Can be overridden - at the pod level. - type: bool - image_pull_secrets: - description: - - ImagePullSecrets is a list of references to secrets in the same namespace - to use for pulling any images in pods that reference this ServiceAccount. - ImagePullSecrets are distinct from Secrets because Secrets can be mounted - in the pod, but ImagePullSecrets are only accessed by the kubelet. - type: list - contains: - name: - description: - - Name of the referent. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - secrets: - description: - - Secrets is the list of secrets allowed to be used by pods running using this - ServiceAccount. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this - string should contain a valid JSON/Go field access statement, such as - desiredState.manifest.containers[2]. For example, if the object reference - is to a container within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service_account', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service_account_list.py b/library/k8s_v1_service_account_list.py deleted file mode 100644 index ee94c7bc..00000000 --- a/library/k8s_v1_service_account_list.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service_account_list -short_description: Kubernetes ServiceAccountList -description: -- Retrieve a list of service_accounts. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service_account_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ServiceAccounts. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether pods running as this service - account should have an API token automatically mounted. Can be overridden - at the pod level. - type: bool - image_pull_secrets: - description: - - ImagePullSecrets is a list of references to secrets in the same namespace - to use for pulling any images in pods that reference this ServiceAccount. - ImagePullSecrets are distinct from Secrets because Secrets can be mounted - in the pod, but ImagePullSecrets are only accessed by the kubelet. - type: list - contains: - name: - description: - - Name of the referent. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - secrets: - description: - - Secrets is the list of secrets allowed to be used by pods running using - this ServiceAccount. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, - this string should contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For example, if the object - reference is to a container within a pod, this would take on a value - like: "spec.containers{name}" (where "name" refers to the name of - the container that triggered the event) or if no container name is - specified "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way of referencing - a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service_account_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_service_list.py b/library/k8s_v1_service_list.py deleted file mode 100644 index 4f09cef2..00000000 --- a/library/k8s_v1_service_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_service_list -short_description: Kubernetes ServiceList -description: -- Retrieve a list of services. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -service_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of services - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of a service. - type: complex - status: - description: - - Most recently observed status of the service. Populated by the system. - Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('service_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_status.py b/library/k8s_v1_status.py deleted file mode 100644 index 23e07b74..00000000 --- a/library/k8s_v1_status.py +++ /dev/null @@ -1,184 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_status -short_description: Kubernetes Status -description: -- Manage the lifecycle of a status object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - code: - description: - - Suggested HTTP return code for this status, 0 if not set. - type: int - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - details_causes: - description: - - The Causes array includes more details associated with the StatusReason failure. - Not all StatusReasons may provide detailed causes. - aliases: - - causes - type: list - details_group: - description: - - The group attribute of the resource associated with the status StatusReason. - aliases: - - group - details_kind: - description: - - The kind attribute of the resource associated with the status StatusReason. - On some operations may differ from the requested resource Kind. - aliases: - - kind - details_name: - description: - - The name attribute of the resource associated with the status StatusReason (when - there is a single name which can be described). - aliases: - - name - details_retry_after_seconds: - description: - - If specified, the time in seconds before the operation should be retried. Some - errors may indicate the client must take an alternate action - for those errors - this field may indicate how long to wait before taking the alternate action. - aliases: - - retry_after_seconds - type: int - details_uid: - description: - - UID of the resource. (when there is a single resource which can be described). - aliases: - - uid - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - message: - description: - - A human-readable description of the status of this operation. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - reason: - description: - - A machine-readable description of why this operation is in the "Failure" status. - If this value is empty there is no information available. A Reason clarifies - an HTTP status code but does not override it. - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -status: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - code: - description: - - Suggested HTTP return code for this status, 0 if not set. - type: int - details: - description: - - Extended data associated with the reason. Each reason may define its own extended - details. This field is optional and the data returned is not guaranteed to - conform to any schema except that defined by the reason type. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - message: - description: - - A human-readable description of the status of this operation. - type: str - metadata: - description: - - Standard list metadata. - type: complex - reason: - description: - - A machine-readable description of why this operation is in the "Failure" status. - If this value is empty there is no information available. A Reason clarifies - an HTTP status code but does not override it. - type: str - status: - description: - - 'Status of the operation. One of: "Success" or "Failure".' - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('status', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_storage_class.py b/library/k8s_v1_storage_class.py deleted file mode 100644 index 53bd2356..00000000 --- a/library/k8s_v1_storage_class.py +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_storage_class -short_description: Kubernetes StorageClass -description: -- Manage the lifecycle of a storage_class object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the PVs - will simply fail if one is invalid. - type: list - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: dict - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - provisioner: - description: - - Provisioner indicates the type of the provisioner. - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class: - type: complex - returned: when I(state) = C(present) - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the - PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_storage_class_list.py b/library/k8s_v1_storage_class_list.py deleted file mode 100644 index fe04f2cb..00000000 --- a/library/k8s_v1_storage_class_list.py +++ /dev/null @@ -1,183 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_storage_class_list -short_description: Kubernetes StorageClassList -description: -- Retrieve a list of storage_class. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of StorageClasses - type: list - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of - the PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create - volumes of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class_list', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_subject_access_review.py b/library/k8s_v1_subject_access_review.py deleted file mode 100644 index fbd98eb4..00000000 --- a/library/k8s_v1_subject_access_review.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_subject_access_review -short_description: Kubernetes SubjectAccessReview -description: -- Manage the lifecycle of a subject_access_review object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_groups: - description: - - Groups is the groups you're testing for. - aliases: - - groups - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Groups", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('subject_access_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1_token_review.py b/library/k8s_v1_token_review.py deleted file mode 100644 index 50eec535..00000000 --- a/library/k8s_v1_token_review.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1_token_review -short_description: Kubernetes TokenReview -description: -- Manage the lifecycle of a token_review object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_token: - description: - - Token is the opaque bearer token. - aliases: - - token - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -token_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request can be - authenticated. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('token_review', 'v1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role.py b/library/k8s_v1alpha1_cluster_role.py deleted file mode 100644 index 13d15be4..00000000 --- a/library/k8s_v1alpha1_cluster_role.py +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role -short_description: Kubernetes ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the DefaultConvert - works nicely and because the ordering may be different. Since non-resource - URLs are not namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), - but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role_binding.py b/library/k8s_v1alpha1_cluster_role_binding.py deleted file mode 100644 index bba2faba..00000000 --- a/library/k8s_v1alpha1_cluster_role_binding.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role_binding -short_description: Kubernetes ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef - cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role_binding_list.py b/library/k8s_v1alpha1_cluster_role_binding_list.py deleted file mode 100644 index 173e8a4b..00000000 --- a/library/k8s_v1alpha1_cluster_role_binding_list.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role_binding_list -short_description: Kubernetes ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the - RoleRef cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_cluster_role_list.py b/library/k8s_v1alpha1_cluster_role_list.py deleted file mode 100644 index 3226a42a..00000000 --- a/library/k8s_v1alpha1_cluster_role_list.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_cluster_role_list -short_description: Kubernetes ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - Since non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_external_admission_hook_configuration.py b/library/k8s_v1alpha1_external_admission_hook_configuration.py deleted file mode 100644 index 92f218ef..00000000 --- a/library/k8s_v1alpha1_external_admission_hook_configuration.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_external_admission_hook_configuration -short_description: Kubernetes ExternalAdmissionHookConfiguration -description: -- Manage the lifecycle of a external_admission_hook_configuration object. Supports - check mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - external_admission_hooks: - description: - - ExternalAdmissionHooks is a list of external admission webhooks and the affected - resources and operations. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -external_admission_hook_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - external_admission_hooks: - description: - - ExternalAdmissionHooks is a list of external admission webhooks and the affected - resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the external admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of the - webhook, and kubernetes.io is the name of the organization. Required. - type: str - rules: - description: - - Rules describes what operations on what resources/subresources the webhook - cares about. The webhook cares about an operation if it matches _any_ - Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - CREATE, - UPDATE, or * for all operations. If '*' is present, the length of - the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('external_admission_hook_configuration', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_external_admission_hook_configuration_list.py b/library/k8s_v1alpha1_external_admission_hook_configuration_list.py deleted file mode 100644 index dc9291f5..00000000 --- a/library/k8s_v1alpha1_external_admission_hook_configuration_list.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_external_admission_hook_configuration_list -short_description: Kubernetes ExternalAdmissionHookConfigurationList -description: -- Retrieve a list of external_admission_hook_configurations. List operations provide - a snapshot read of the underlying objects, returning a resource_version representing - a consistent version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -external_admission_hook_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ExternalAdmissionHookConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - external_admission_hooks: - description: - - ExternalAdmissionHooks is a list of external admission webhooks and the - affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the external admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of - the webhook, and kubernetes.io is the name of the organization. Required. - type: str - rules: - description: - - Rules describes what operations on what resources/subresources the - webhook cares about. The webhook cares about an operation if it matches - _any_ Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - - CREATE, UPDATE, or * for all operations. If '*' is present, the - length of the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('external_admission_hook_configuration_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_initializer_configuration.py b/library/k8s_v1alpha1_initializer_configuration.py deleted file mode 100644 index 85e89f47..00000000 --- a/library/k8s_v1alpha1_initializer_configuration.py +++ /dev/null @@ -1,212 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_initializer_configuration -short_description: Kubernetes InitializerConfiguration -description: -- Manage the lifecycle of a initializer_configuration object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - initializers: - description: - - Initializers is a list of resources and their default initializers Order-sensitive. - When merging multiple InitializerConfigurations, we sort the initializers from - different InitializerConfigurations by the name of the InitializerConfigurations; - the order of the initializers from the same InitializerConfiguration is preserved. - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -initializer_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - initializers: - description: - - Initializers is a list of resources and their default initializers Order-sensitive. - When merging multiple InitializerConfigurations, we sort the initializers - from different InitializerConfigurations by the name of the InitializerConfigurations; - the order of the initializers from the same InitializerConfiguration is preserved. - type: list - contains: - name: - description: - - Name is the identifier of the initializer. It will be added to the object - that needs to be initialized. Name should be fully qualified, e.g., alwayspullimages.kubernetes.io, - where "alwayspullimages" is the name of the webhook, and kubernetes.io - is the name of the organization. Required - type: str - rules: - description: - - Rules describes what resources/subresources the initializer cares about. - The initializer cares about an operation if it matches _any_ Rule. Rule.Resources - must not include subresources. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('initializer_configuration', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_initializer_configuration_list.py b/library/k8s_v1alpha1_initializer_configuration_list.py deleted file mode 100644 index 1e3b1d1d..00000000 --- a/library/k8s_v1alpha1_initializer_configuration_list.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_initializer_configuration_list -short_description: Kubernetes InitializerConfigurationList -description: -- Retrieve a list of initializer_configurations. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -initializer_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of InitializerConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - initializers: - description: - - Initializers is a list of resources and their default initializers Order-sensitive. - When merging multiple InitializerConfigurations, we sort the initializers - from different InitializerConfigurations by the name of the InitializerConfigurations; - the order of the initializers from the same InitializerConfiguration is - preserved. - type: list - contains: - name: - description: - - Name is the identifier of the initializer. It will be added to the - object that needs to be initialized. Name should be fully qualified, - e.g., alwayspullimages.kubernetes.io, where "alwayspullimages" is - the name of the webhook, and kubernetes.io is the name of the organization. - Required - type: str - rules: - description: - - Rules describes what resources/subresources the initializer cares - about. The initializer cares about an operation if it matches _any_ - Rule. Rule.Resources must not include subresources. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('initializer_configuration_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_pod_preset.py b/library/k8s_v1alpha1_pod_preset.py deleted file mode 100644 index 26524fa7..00000000 --- a/library/k8s_v1alpha1_pod_preset.py +++ /dev/null @@ -1,200 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_pod_preset -short_description: Kubernetes PodPreset -description: -- Manage the lifecycle of a pod_preset object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_env: - description: - - Env defines the collection of EnvVar to inject into containers. - aliases: - - env - type: list - spec_env_from: - description: - - EnvFrom defines the collection of EnvFromSource to inject into containers. - aliases: - - env_from - type: list - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_volume_mounts: - description: - - VolumeMounts defines the collection of VolumeMount to inject into containers. - aliases: - - volume_mounts - type: list - spec_volumes: - description: - - Volumes defines the collection of Volume to inject into the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_preset: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_preset', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_pod_preset_list.py b/library/k8s_v1alpha1_pod_preset_list.py deleted file mode 100644 index 871ac61a..00000000 --- a/library/k8s_v1alpha1_pod_preset_list.py +++ /dev/null @@ -1,159 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_pod_preset_list -short_description: Kubernetes PodPresetList -description: -- Retrieve a list of pod_presets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_preset_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: [] - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_preset_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_priority_class.py b/library/k8s_v1alpha1_priority_class.py deleted file mode 100644 index d0ba5d01..00000000 --- a/library/k8s_v1alpha1_priority_class.py +++ /dev/null @@ -1,187 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_priority_class -short_description: Kubernetes PriorityClass -description: -- Manage the lifecycle of a priority_class object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - description: - description: - - description is an arbitrary string that usually provides guidelines on when - this priority class should be used. - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - global_default: - description: - - globalDefault specifies whether this PriorityClass should be considered as the - default priority for pods that do not have any priority class. - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - value: - description: - - The value of this priority class. This is the actual priority that pods receive - when they have the name of this class in their pod spec. - type: int - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -priority_class: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - description: - description: - - description is an arbitrary string that usually provides guidelines on when - this priority class should be used. - type: str - global_default: - description: - - globalDefault specifies whether this PriorityClass should be considered as - the default priority for pods that do not have any priority class. - type: bool - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - value: - description: - - The value of this priority class. This is the actual priority that pods receive - when they have the name of this class in their pod spec. - type: int -''' - - -def main(): - try: - module = KubernetesAnsibleModule('priority_class', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_priority_class_list.py b/library/k8s_v1alpha1_priority_class_list.py deleted file mode 100644 index d46baa5a..00000000 --- a/library/k8s_v1alpha1_priority_class_list.py +++ /dev/null @@ -1,172 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_priority_class_list -short_description: Kubernetes PriorityClassList -description: -- Retrieve a list of priority_class. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -priority_class_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of PriorityClasses - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - description: - description: - - description is an arbitrary string that usually provides guidelines on - when this priority class should be used. - type: str - global_default: - description: - - globalDefault specifies whether this PriorityClass should be considered - as the default priority for pods that do not have any priority class. - type: bool - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - value: - description: - - The value of this priority class. This is the actual priority that pods - receive when they have the name of this class in their pod spec. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('priority_class_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role.py b/library/k8s_v1alpha1_role.py deleted file mode 100644 index 51b8f7f0..00000000 --- a/library/k8s_v1alpha1_role.py +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role -short_description: Kubernetes Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the DefaultConvert - works nicely and because the ordering may be different. Since non-resource - URLs are not namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), - but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role_binding.py b/library/k8s_v1alpha1_role_binding.py deleted file mode 100644 index 0bdd8e34..00000000 --- a/library/k8s_v1alpha1_role_binding.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role_binding -short_description: Kubernetes RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole in - the global namespace. If the RoleRef cannot be resolved, the Authorizer must - return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role_binding_list.py b/library/k8s_v1alpha1_role_binding_list.py deleted file mode 100644 index f15c87b2..00000000 --- a/library/k8s_v1alpha1_role_binding_list.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role_binding_list -short_description: Kubernetes RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole - in the global namespace. If the RoleRef cannot be resolved, the Authorizer - must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_version: - description: - - APIVersion holds the API group and version of the referenced subject. - Defaults to "v1" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io/v1alpha1" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1alpha1_role_list.py b/library/k8s_v1alpha1_role_list.py deleted file mode 100644 index f2f1f1a5..00000000 --- a/library/k8s_v1alpha1_role_list.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1alpha1_role_list -short_description: Kubernetes RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path This - name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - Since non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_list', 'v1alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_api_service.py b/library/k8s_v1beta1_api_service.py deleted file mode 100644 index 3e302bf8..00000000 --- a/library/k8s_v1beta1_api_service.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_api_service -short_description: Kubernetes APIService -description: -- Manage the lifecycle of a api_service object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_ca_bundle: - description: - - CABundle is a PEM encoded CA bundle which will be used to validate an API server's - serving certificate. - aliases: - - ca_bundle - spec_group: - description: - - Group is the API group name this server hosts - aliases: - - group - spec_group_priority_minimum: - description: - - "GroupPriorityMininum is the priority this group should have at least. Higher\ - \ priority means that the group is prefered by clients over lower priority ones.\ - \ Note that other versions of this group might specify even higher GroupPriorityMininum\ - \ values such that the whole group gets a higher priority. The primary sort\ - \ is based on GroupPriorityMinimum, ordered highest number to lowest (20 before\ - \ 10). The secondary sort is based on the alphabetical comparison of the name\ - \ of the object. (v1.bar before v1.foo) We'd recommend something like: *.k8s.io\ - \ (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended\ - \ to be in the 2000s" - aliases: - - group_priority_minimum - type: int - spec_insecure_skip_tls_verify: - description: - - InsecureSkipTLSVerify disables TLS certificate verification when communicating - with this server. This is strongly discouraged. You should use the CABundle - instead. - aliases: - - insecure_skip_tls_verify - type: bool - spec_service_name: - description: - - Name is the name of the service - aliases: - - service_name - spec_service_namespace: - description: - - Namespace is the namespace of the service - aliases: - - service_namespace - spec_version: - description: - - Version is the API version this server hosts. For example, "v1" - aliases: - - version - spec_version_priority: - description: - - VersionPriority controls the ordering of this API version inside of its group. - Must be greater than zero. The primary sort is based on VersionPriority, ordered - highest to lowest (20 before 10). The secondary sort is based on the alphabetical - comparison of the name of the object. (v1.bar before v1.foo) Since it's inside - of a group, the number can be small, probably in the 10s. - aliases: - - version_priority - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -api_service: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec contains information for locating and communicating with a server - type: complex - status: - description: - - Status contains derived information about an API server - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('api_service', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_api_service_list.py b/library/k8s_v1beta1_api_service_list.py deleted file mode 100644 index 2b426717..00000000 --- a/library/k8s_v1beta1_api_service_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_api_service_list -short_description: Kubernetes APIServiceList -description: -- Retrieve a list of api_services. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -api_service_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec contains information for locating and communicating with a server - type: complex - status: - description: - - Status contains derived information about an API server - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('api_service_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_certificate_signing_request.py b/library/k8s_v1beta1_certificate_signing_request.py deleted file mode 100644 index 15a62c89..00000000 --- a/library/k8s_v1beta1_certificate_signing_request.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_certificate_signing_request -short_description: Kubernetes CertificateSigningRequest -description: -- Manage the lifecycle of a certificate_signing_request object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_extra: - description: - - Extra information about the requesting user. See user.Info interface for details. - aliases: - - extra - type: dict - spec_groups: - description: - - Group information about the requesting user. See user.Info interface for details. - aliases: - - groups - type: list - spec_request: - description: - - Base64-encoded PKCS - aliases: - - request - spec_uid: - description: - - UID information about the requesting user. See user.Info interface for details. - aliases: - - uid - spec_usages: - description: - - 'allowedUsages specifies a set of usage contexts the key will be valid for. - See:' - aliases: - - usages - type: list - spec_username: - description: - - Information about the requesting user. See user.Info interface for details. - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -certificate_signing_request: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - The certificate request itself and any additional information. - type: complex - status: - description: - - Derived information about the request. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('certificate_signing_request', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_certificate_signing_request_list.py b/library/k8s_v1beta1_certificate_signing_request_list.py deleted file mode 100644 index 4f93ac9d..00000000 --- a/library/k8s_v1beta1_certificate_signing_request_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_certificate_signing_request_list -short_description: Kubernetes CertificateSigningRequestList -description: -- Retrieve a list of certificate_signing_requests. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -certificate_signing_request_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - The certificate request itself and any additional information. - type: complex - status: - description: - - Derived information about the request. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('certificate_signing_request_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role.py b/library/k8s_v1beta1_cluster_role.py deleted file mode 100644 index 8957ee63..00000000 --- a/library/k8s_v1beta1_cluster_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role -short_description: Kubernetes ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role_binding.py b/library/k8s_v1beta1_cluster_role_binding.py deleted file mode 100644 index d2e14a41..00000000 --- a/library/k8s_v1beta1_cluster_role_binding.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role_binding -short_description: Kubernetes ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef - cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role_binding_list.py b/library/k8s_v1beta1_cluster_role_binding_list.py deleted file mode 100644 index 685c771d..00000000 --- a/library/k8s_v1beta1_cluster_role_binding_list.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role_binding_list -short_description: Kubernetes ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference a ClusterRole in the global namespace. If the - RoleRef cannot be resolved, the Authorizer must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_binding_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cluster_role_list.py b/library/k8s_v1beta1_cluster_role_list.py deleted file mode 100644 index 04b88d28..00000000 --- a/library/k8s_v1beta1_cluster_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cluster_role_list -short_description: Kubernetes ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cluster_role_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_controller_revision.py b/library/k8s_v1beta1_controller_revision.py deleted file mode 100644 index e90cb2df..00000000 --- a/library/k8s_v1beta1_controller_revision.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_controller_revision -short_description: Kubernetes ControllerRevision -description: -- Manage the lifecycle of a controller_revision object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_controller_revision_list.py b/library/k8s_v1beta1_controller_revision_list.py deleted file mode 100644 index 89534754..00000000 --- a/library/k8s_v1beta1_controller_revision_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_controller_revision_list -short_description: Kubernetes ControllerRevisionList -description: -- Retrieve a list of controller_revisions. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ControllerRevisions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cron_job.py b/library/k8s_v1beta1_cron_job.py deleted file mode 100644 index be509e01..00000000 --- a/library/k8s_v1beta1_cron_job.py +++ /dev/null @@ -1,616 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cron_job -short_description: Kubernetes CronJob -description: -- Manage the lifecycle of a cron_job object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_concurrency_policy: - description: - - Specifies how to treat concurrent executions of a Job. Defaults to Allow. - aliases: - - concurrency_policy - spec_failed_jobs_history_limit: - description: - - The number of failed finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. Defaults to 1. - aliases: - - failed_jobs_history_limit - type: int - spec_job_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - aliases: - - job__metadata_annotations - type: dict - spec_job_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - aliases: - - job__metadata_labels - type: dict - spec_job_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - aliases: - - job__metadata_name - spec_job_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - aliases: - - job__metadata_namespace - spec_job_template_spec_active_deadline_seconds: - description: - - Specifies the duration in seconds relative to the startTime that the job may - be active before the system tries to terminate it; value must be positive integer - aliases: - - job__active_deadline_seconds - type: int - spec_job_template_spec_backoff_limit: - description: - - Specifies the number of retries before marking this job failed. Defaults to - 6 - aliases: - - job__backoff_limit - type: int - spec_job_template_spec_completions: - description: - - Specifies the desired number of successfully finished pods the job should be - run with. Setting to nil means that the success of any pod signals the success - of all pods, and allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that pod signals the - success of the job. - aliases: - - job__completions - type: int - spec_job_template_spec_manual_selector: - description: - - manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` - unset unless you are certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the pod template. - When true, the user is responsible for picking unique labels and specifying - the selector. Failure to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` in jobs that - were created with the old `extensions/v1beta1` API. - aliases: - - job__manual_selector - type: bool - spec_job_template_spec_parallelism: - description: - - Specifies the maximum desired number of pods the job should run at any given - time. The actual number of pods running in steady state will be less than this - number when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - aliases: - - job__parallelism - type: int - spec_job_template_spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - job__selector_match_expressions - type: list - spec_job_template_spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - job__selector_match_labels - type: dict - spec_job_template_spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_job_template_spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_job_template_spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_job_template_spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_job_template_spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - type: int - spec_job_template_spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - ? spec_job_template_spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - : description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - job__affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - job__automount_service_account_token - type: bool - spec_job_template_spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - job__containers - type: list - spec_job_template_spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - job__dns_policy - spec_job_template_spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - job__host_aliases - type: list - spec_job_template_spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - job__host_ipc - type: bool - spec_job_template_spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - job__host_network - type: bool - spec_job_template_spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - job__host_pid - type: bool - spec_job_template_spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - job__hostname - spec_job_template_spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - job__image_pull_secrets - type: list - spec_job_template_spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - job__init_containers - type: list - spec_job_template_spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - job__node_name - spec_job_template_spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - job__node_selector - type: dict - spec_job_template_spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - job__priority - type: int - spec_job_template_spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - job__priority_class_name - spec_job_template_spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - job__restart_policy - spec_job_template_spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - job__scheduler_name - spec_job_template_spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - job__securitycontext_fs_group - type: int - spec_job_template_spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - job__securitycontext_run_as_non_root - type: bool - spec_job_template_spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - job__securitycontext_run_as_user - type: int - spec_job_template_spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_level - spec_job_template_spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_role - spec_job_template_spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_type - spec_job_template_spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_user - spec_job_template_spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - job__securitycontext_supplemental_groups - type: list - spec_job_template_spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - job__service_account - spec_job_template_spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - job__service_account_name - spec_job_template_spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - job__subdomain - spec_job_template_spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - job__termination_grace_period_seconds - type: int - spec_job_template_spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - job__tolerations - type: list - spec_job_template_spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - job__volumes - type: list - spec_schedule: - description: - - The schedule in Cron format, see - aliases: - - schedule - spec_starting_deadline_seconds: - description: - - Optional deadline in seconds for starting the job if it misses scheduled time - for any reason. Missed jobs executions will be counted as failed ones. - aliases: - - starting_deadline_seconds - type: int - spec_successful_jobs_history_limit: - description: - - The number of successful finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. Defaults to 3. - aliases: - - successful_jobs_history_limit - type: int - spec_suspend: - description: - - This flag tells the controller to suspend subsequent executions, it does not - apply to already started executions. Defaults to false. - aliases: - - suspend - type: bool - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_cron_job_list.py b/library/k8s_v1beta1_cron_job_list.py deleted file mode 100644 index bf33d8fc..00000000 --- a/library/k8s_v1beta1_cron_job_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_cron_job_list -short_description: Kubernetes CronJobList -description: -- Retrieve a list of cron_jobs. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of CronJobs. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_custom_resource_definition.py b/library/k8s_v1beta1_custom_resource_definition.py deleted file mode 100644 index 04e49eca..00000000 --- a/library/k8s_v1beta1_custom_resource_definition.py +++ /dev/null @@ -1,283 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_custom_resource_definition -short_description: Kubernetes CustomResourceDefinition -description: -- Manage the lifecycle of a custom_resource_definition object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_group: - description: - - Group is the group this resource belongs in - aliases: - - group - spec_names_kind: - description: - - Kind is the serialized kind of the resource. It is normally CamelCase and singular. - aliases: - - names_kind - spec_names_list_kind: - description: - - ListKind is the serialized kind of the list for this resource. Defaults to List. - aliases: - - names_list_kind - spec_names_plural: - description: - - 'Plural is the plural name of the resource to serve. It must match the name - of the CustomResourceDefinition-registration too: plural.group and it must be - all lowercase.' - aliases: - - names_plural - spec_names_short_names: - description: - - ShortNames are short names for the resource. It must be all lowercase. - aliases: - - names_short_names - type: list - spec_names_singular: - description: - - Singular is the singular name of the resource. It must be all lowercase Defaults - to lowercased - aliases: - - names_singular - spec_scope: - description: - - Scope indicates whether this resource is cluster or namespace scoped. Default - is namespaced - aliases: - - scope - spec_validation_open_apiv3_schema_additional_items_allows: - aliases: - - validation_open_apiv3_schema_additional_items_allows - type: bool - spec_validation_open_apiv3_schema_additional_properties_allows: - aliases: - - validation_open_apiv3_schema_additional_properties_allows - type: bool - spec_validation_open_apiv3_schema_all_of: - aliases: - - validation_open_apiv3_schema_all_of - type: list - spec_validation_open_apiv3_schema_any_of: - aliases: - - validation_open_apiv3_schema_any_of - type: list - spec_validation_open_apiv3_schema_description: - aliases: - - validation_open_apiv3_schema_description - spec_validation_open_apiv3_schema_enum: - aliases: - - validation_open_apiv3_schema_enum - type: list - spec_validation_open_apiv3_schema_format: - aliases: - - validation_open_apiv3_schema_format - spec_validation_open_apiv3_schema_id: - aliases: - - validation_open_apiv3_schema_id - spec_validation_open_apiv3_schema_max_length: - aliases: - - validation_open_apiv3_schema_max_length - type: int - spec_validation_open_apiv3_schema_max_properties: - aliases: - - validation_open_apiv3_schema_max_properties - type: int - spec_validation_open_apiv3_schema_min_items: - aliases: - - validation_open_apiv3_schema_min_items - type: int - spec_validation_open_apiv3_schema_min_properties: - aliases: - - validation_open_apiv3_schema_min_properties - type: int - spec_validation_open_apiv3_schema_minimum: - aliases: - - validation_open_apiv3_schema_minimum - type: float - spec_validation_open_apiv3_schema_multiple_of: - aliases: - - validation_open_apiv3_schema_multiple_of - type: float - spec_validation_open_apiv3_schema_pattern: - aliases: - - validation_open_apiv3_schema_pattern - spec_validation_open_apiv3_schema_pattern_properties: - aliases: - - validation_open_apiv3_schema_pattern_properties - type: dict - spec_validation_open_apiv3_schema_schema: - aliases: - - validation_open_apiv3_schema_schema - spec_validation_open_apiv3_schema_title: - aliases: - - validation_open_apiv3_schema_title - spec_validation_open_apiv3_schema_type: - aliases: - - validation_open_apiv3_schema_type - spec_validation_open_apiv3_schema_unique_items: - aliases: - - validation_open_apiv3_schema_unique_items - type: bool - spec_version: - description: - - Version is the version this resource belongs in - aliases: - - version - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -custom_resource_definition: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec describes how the user wants the resources to appear - type: complex - status: - description: - - Status indicates the actual state of the CustomResourceDefinition - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('custom_resource_definition', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_custom_resource_definition_list.py b/library/k8s_v1beta1_custom_resource_definition_list.py deleted file mode 100644 index 05ea978d..00000000 --- a/library/k8s_v1beta1_custom_resource_definition_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_custom_resource_definition_list -short_description: Kubernetes CustomResourceDefinitionList -description: -- Retrieve a list of custom_resource_definitions. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -custom_resource_definition_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items individual CustomResourceDefinitions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec describes how the user wants the resources to appear - type: complex - status: - description: - - Status indicates the actual state of the CustomResourceDefinition - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('custom_resource_definition_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_daemon_set.py b/library/k8s_v1beta1_daemon_set.py deleted file mode 100644 index 00dda966..00000000 --- a/library/k8s_v1beta1_daemon_set.py +++ /dev/null @@ -1,549 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_daemon_set -short_description: Kubernetes DaemonSet -description: -- Manage the lifecycle of a daemon_set object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - The minimum number of seconds for which a newly created DaemonSet pod should - be ready without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready). - aliases: - - min_ready_seconds - type: int - spec_revision_history_limit: - description: - - The number of old history to retain to allow rollback. This is a pointer to - distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_generation: - description: - - DEPRECATED. A sequence number representing a specific generation of the template. - Populated by the system. It can be set only during the creation. - aliases: - - template_generation - type: int - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of DaemonSet pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet - pods at the start of the update (ex: 10%). Absolute number is calculated from - percentage by rounding up. This cannot be 0. Default value is 1. Example: when - this is set to 30%, at most 30% of the total number of nodes that should be - running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods - stopped for an update at any given time. The update starts by stopping at most - 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. - Once the new pods are available, it then proceeds onto other DaemonSet pods, - thus ensuring that at least 70% of original number of DaemonSet pods are available - at all times during the update.' - aliases: - - update_strategy_rolling_update_max_unavailable - type: object - spec_update_strategy_type: - description: - - Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is - OnDelete. - aliases: - - update_strategy_type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by some - window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_daemon_set_list.py b/library/k8s_v1beta1_daemon_set_list.py deleted file mode 100644 index c10a1b44..00000000 --- a/library/k8s_v1beta1_daemon_set_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_daemon_set_list -short_description: Kubernetes DaemonSetList -description: -- Retrieve a list of daemon_sets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of daemon sets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by - some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_eviction.py b/library/k8s_v1beta1_eviction.py deleted file mode 100644 index 173f181e..00000000 --- a/library/k8s_v1beta1_eviction.py +++ /dev/null @@ -1,182 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_eviction -short_description: Kubernetes Eviction -description: -- Manage the lifecycle of a eviction object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - delete_options_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - delete_options_grace_period_seconds: - description: - - The duration in seconds before the object should be deleted. Value must be non-negative - integer. The value zero indicates delete immediately. If this value is nil, - the default grace period for the specified type will be used. Defaults to a - per object value if not specified. zero means delete immediately. - aliases: - - grace_period_seconds - type: int - delete_options_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - delete_options_orphan_dependents: - description: - - "Deprecated: please use the PropagationPolicy, this field will be deprecated\ - \ in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\"\ - \ finalizer will be added to/removed from the object's finalizers list. Either\ - \ this field or PropagationPolicy may be set, but not both." - aliases: - - orphan_dependents - type: bool - delete_options_preconditions_uid: - description: - - Specifies the target UID. - aliases: - - uid - delete_options_propagation_policy: - description: - - Whether and how garbage collection will be performed. Either this field or OrphanDependents - may be set, but not both. The default policy is decided by the existing finalizer - set in the metadata.finalizers and the resource-specific default policy. - aliases: - - propagation_policy - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -eviction: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - delete_options: - description: - - DeleteOptions may be provided - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - ObjectMeta describes the pod that is being evicted. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('eviction', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_ingress.py b/library/k8s_v1beta1_ingress.py deleted file mode 100644 index 5692f319..00000000 --- a/library/k8s_v1beta1_ingress.py +++ /dev/null @@ -1,193 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_ingress -short_description: Kubernetes Ingress -description: -- Manage the lifecycle of a ingress object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_backend_service_name: - description: - - Specifies the name of the referenced service. - aliases: - - backend_service_name - spec_backend_service_port: - description: - - Specifies the port of the referenced service. - aliases: - - backend_service_port - type: object - spec_rules: - description: - - A list of host rules used to configure the Ingress. If unspecified, or no rule - matches, all traffic is sent to the default backend. - aliases: - - rules - type: list - spec_tls: - description: - - TLS configuration. Currently the Ingress only supports a single TLS port, 443. - If multiple members of this list specify different hosts, they will be multiplexed - on the same port according to the hostname specified through the SNI TLS extension, - if the ingress controller fulfilling the ingress supports SNI. - aliases: - - tls - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -ingress: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec is the desired state of the Ingress. - type: complex - status: - description: - - Status is the current state of the Ingress. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('ingress', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_ingress_list.py b/library/k8s_v1beta1_ingress_list.py deleted file mode 100644 index e2a420c6..00000000 --- a/library/k8s_v1beta1_ingress_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_ingress_list -short_description: Kubernetes IngressList -description: -- Retrieve a list of ingress. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -ingress_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Ingress. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec is the desired state of the Ingress. - type: complex - status: - description: - - Status is the current state of the Ingress. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('ingress_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_local_subject_access_review.py b/library/k8s_v1beta1_local_subject_access_review.py deleted file mode 100644 index 28a3079f..00000000 --- a/library/k8s_v1beta1_local_subject_access_review.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_local_subject_access_review -short_description: Kubernetes LocalSubjectAccessReview -description: -- Manage the lifecycle of a local_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_group: - description: - - Groups is the groups you're testing for. - aliases: - - group - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Group", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -local_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. spec.namespace must - be equal to the namespace you made the request against. If empty, it is defaulted. - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('local_subject_access_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_network_policy.py b/library/k8s_v1beta1_network_policy.py deleted file mode 100644 index 6ed55a1a..00000000 --- a/library/k8s_v1beta1_network_policy.py +++ /dev/null @@ -1,216 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_network_policy -short_description: Kubernetes NetworkPolicy -description: -- Manage the lifecycle of a network_policy object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_egress: - description: - - List of egress rules to be applied to the selected pods. Outgoing traffic is - allowed if there are no NetworkPolicies selecting the pod (and cluster policy - otherwise allows the traffic), OR if the traffic matches at least one egress - rule across all of the NetworkPolicy objects whose podSelector matches the pod. - If this field is empty then this NetworkPolicy limits all outgoing traffic (and - serves solely to ensure that the pods it selects are isolated by default). This - field is beta-level in 1.8 - aliases: - - egress - type: list - spec_ingress: - description: - - List of ingress rules to be applied to the selected pods. Traffic is allowed - to a pod if there are no NetworkPolicies selecting the pod OR if the traffic - source is the pod's local node, OR if the traffic matches at least one ingress - rule across all of the NetworkPolicy objects whose podSelector matches the pod. - If this field is empty then this NetworkPolicy does not allow any traffic (and - serves solely to ensure that the pods it selects are isolated by default). - aliases: - - ingress - type: list - spec_pod_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - pod_selector_match_expressions - type: list - spec_pod_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - pod_selector_match_labels - type: dict - spec_policy_types: - description: - - List of rule types that the NetworkPolicy relates to. Valid options are Ingress, - Egress, or Ingress,Egress. If this field is not specified, it will default based - on the existence of Ingress or Egress rules; policies that contain an Egress - section are assumed to affect Egress, and all policies (whether or not they - contain an Ingress section) are assumed to affect Ingress. If you want to write - an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. - Likewise, if you want to write a policy that specifies that no egress is allowed, - you must specify a policyTypes value that include "Egress" (since such a policy - would not include an Egress section and would otherwise default to just [ "Ingress" - ]). This field is beta-level in 1.8 - aliases: - - policy_types - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_network_policy_list.py b/library/k8s_v1beta1_network_policy_list.py deleted file mode 100644 index a9d7cc21..00000000 --- a/library/k8s_v1beta1_network_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_network_policy_list -short_description: Kubernetes NetworkPolicyList -description: -- Retrieve a list of network_policys. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -network_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior for this NetworkPolicy. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('network_policy_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_disruption_budget.py b/library/k8s_v1beta1_pod_disruption_budget.py deleted file mode 100644 index 692b3fa4..00000000 --- a/library/k8s_v1beta1_pod_disruption_budget.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_disruption_budget -short_description: Kubernetes PodDisruptionBudget -description: -- Manage the lifecycle of a pod_disruption_budget object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_max_unavailable: - description: - - An eviction is allowed if at most "maxUnavailable" pods selected by "selector" - are unavailable after the eviction, i.e. even in absence of the evicted pod. - For example, one can prevent all voluntary evictions by specifying 0. This is - a mutually exclusive setting with "minAvailable". - aliases: - - max_unavailable - type: object - spec_min_available: - description: - - An eviction is allowed if at least "minAvailable" pods selected by "selector" - will still be available after the eviction, i.e. even in the absence of the - evicted pod. So for example you can prevent all voluntary evictions by specifying - "100%". - aliases: - - min_available - type: object - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_disruption_budget: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Specification of the desired behavior of the PodDisruptionBudget. - type: complex - status: - description: - - Most recently observed status of the PodDisruptionBudget. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_disruption_budget', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_disruption_budget_list.py b/library/k8s_v1beta1_pod_disruption_budget_list.py deleted file mode 100644 index 3bf838e1..00000000 --- a/library/k8s_v1beta1_pod_disruption_budget_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_disruption_budget_list -short_description: Kubernetes PodDisruptionBudgetList -description: -- Retrieve a list of pod_disruption_budgets. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_disruption_budget_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Specification of the desired behavior of the PodDisruptionBudget. - type: complex - status: - description: - - Most recently observed status of the PodDisruptionBudget. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_disruption_budget_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_security_policy.py b/library/k8s_v1beta1_pod_security_policy.py deleted file mode 100644 index 74a396b9..00000000 --- a/library/k8s_v1beta1_pod_security_policy.py +++ /dev/null @@ -1,317 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_security_policy -short_description: Kubernetes PodSecurityPolicy -description: -- Manage the lifecycle of a pod_security_policy object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_allow_privilege_escalation: - description: - - AllowPrivilegeEscalation determines if a pod can request to allow privilege - escalation. If unspecified, defaults to true. - aliases: - - allow_privilege_escalation - type: bool - spec_allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to add to - the container. Capabilities in this field may be added at the pod author's discretion. - You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. - aliases: - - allowed_capabilities - type: list - spec_allowed_host_paths: - description: - - is a white list of allowed host paths. Empty indicates that all host paths may - be used. - aliases: - - allowed_host_paths - type: list - spec_default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be added - to the container unless the pod spec specifically drops the capability. You - may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - aliases: - - default_add_capabilities - type: list - spec_default_allow_privilege_escalation: - description: - - DefaultAllowPrivilegeEscalation controls the default setting for whether a process - can gain more privileges than its parent process. - aliases: - - default_allow_privilege_escalation - type: bool - spec_fs_group_ranges: - description: - - Ranges are the allowed ranges of fs groups. If you would like to force a single - fs group then supply a single range with the same start and end. - aliases: - - fs_group_ranges - type: list - spec_fs_group_rule: - description: - - Rule is the strategy that will dictate what FSGroup is used in the SecurityContext. - aliases: - - fs_group_rule - spec_host_ipc: - description: - - hostIPC determines if the policy allows the use of HostIPC in the pod spec. - aliases: - - host_ipc - type: bool - spec_host_network: - description: - - hostNetwork determines if the policy allows the use of HostNetwork in the pod - spec. - aliases: - - host_network - type: bool - spec_host_pid: - description: - - hostPID determines if the policy allows the use of HostPID in the pod spec. - aliases: - - host_pid - type: bool - spec_host_ports: - description: - - hostPorts determines which host port ranges are allowed to be exposed. - aliases: - - host_ports - type: list - spec_privileged: - description: - - privileged determines if a pod can request to be run as privileged. - aliases: - - privileged - type: bool - spec_read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with a - read only root file system. If the container specifically requests to run with - a non-read only root file system the PSP should deny the pod. If set to false - the container may run with a read only root file system if it wishes but it - will not be forced to. - aliases: - - read_only_root_filesystem - type: bool - spec_required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from the - container. These are required to be dropped and cannot be added. - aliases: - - required_drop_capabilities - type: list - spec_run_as_user_ranges: - description: - - Ranges are the allowed ranges of uids that may be used. - aliases: - - run_as_user_ranges - type: list - spec_run_as_user_rule: - description: - - Rule is the strategy that will dictate the allowable RunAsUser values that may - be set. - aliases: - - run_as_user_rule - spec_se_linux_rule: - description: - - type is the strategy that will dictate the allowable labels that may be set. - aliases: - - se_linux_rule - spec_se_linux_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - se_linux_se_options_level - spec_se_linux_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - se_linux_se_options_role - spec_se_linux_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - se_linux_se_options_type - spec_se_linux_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - se_linux_se_options_user - spec_supplemental_groups_ranges: - description: - - Ranges are the allowed ranges of supplemental groups. If you would like to force - a single supplemental group then supply a single range with the same start and - end. - aliases: - - supplemental_groups_ranges - type: list - spec_supplemental_groups_rule: - description: - - Rule is the strategy that will dictate what supplemental groups is used in the - SecurityContext. - aliases: - - supplemental_groups_rule - spec_volumes: - description: - - volumes is a white list of allowed volume plugins. Empty indicates that all - plugins may be used. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec defines the policy enforced. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_security_policy', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_pod_security_policy_list.py b/library/k8s_v1beta1_pod_security_policy_list.py deleted file mode 100644 index 206e7c26..00000000 --- a/library/k8s_v1beta1_pod_security_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_pod_security_policy_list -short_description: Kubernetes PodSecurityPolicyList -description: -- Retrieve a list of pod_security_policys. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec defines the policy enforced. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('pod_security_policy_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_replica_set.py b/library/k8s_v1beta1_replica_set.py deleted file mode 100644 index d8bac220..00000000 --- a/library/k8s_v1beta1_replica_set.py +++ /dev/null @@ -1,532 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_replica_set -short_description: Kubernetes ReplicaSet -description: -- Manage the lifecycle of a replica_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create replica set - k8s_v1beta1_replica_set.yml: - name: myreplicaset - namespace: test - state: present - replicas: 3 - spec_template_metadata_labels: - name: myreplicaset - containers: - - name: myreplicaset - image: openshift/origin-ruby-sample:v1.0 -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the same - as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data may - be out of date by some window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_replica_set_list.py b/library/k8s_v1beta1_replica_set_list.py deleted file mode 100644 index 959d0fda..00000000 --- a/library/k8s_v1beta1_replica_set_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_replica_set_list -short_description: Kubernetes ReplicaSetList -description: -- Retrieve a list of replica_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ReplicaSets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the - same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data - may be out of date by some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role.py b/library/k8s_v1beta1_role.py deleted file mode 100644 index 816ba514..00000000 --- a/library/k8s_v1beta1_role.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role -short_description: Kubernetes Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable for - ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource URL paths - (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role_binding.py b/library/k8s_v1beta1_role_binding.py deleted file mode 100644 index f2d67b67..00000000 --- a/library/k8s_v1beta1_role_binding.py +++ /dev/null @@ -1,219 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role_binding -short_description: Kubernetes RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_group: - description: - - APIGroup is the group for the resource being referenced - aliases: - - api_group - role_ref_kind: - description: - - Kind is the type of resource being referenced - aliases: - - kind - role_ref_name: - description: - - Name is the name of resource being referenced - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create role binding - k8s_v1beta1_role_binding.yml: - name: edit - namespace: test - state: present - role_ref_kind: Role - role_ref_name: edit - subjects: - - kind: ServiceAccount - name: magico - namespace: test -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole in - the global namespace. If the RoleRef cannot be resolved, the Authorizer must - return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to "" - for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for - User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group are - "User", "Group", and "ServiceAccount". If the Authorizer does not recognized - the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role_binding_list.py b/library/k8s_v1beta1_role_binding_list.py deleted file mode 100644 index 7407edf5..00000000 --- a/library/k8s_v1beta1_role_binding_list.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role_binding_list -short_description: Kubernetes RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can reference a Role in the current namespace or a ClusterRole - in the global namespace. If the RoleRef cannot be resolved, the Authorizer - must return an error. - type: complex - subjects: - description: - - Subjects holds references to the objects the role applies to. - type: list - contains: - api_group: - description: - - APIGroup holds the API group of the referenced subject. Defaults to - "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" - for User and Group subjects. - type: str - kind: - description: - - Kind of object being referenced. Values defined by this API group - are "User", "Group", and "ServiceAccount". If the Authorizer does - not recognized the kind value, the Authorizer should report an error. - type: str - name: - description: - - Name of the object being referenced. - type: str - namespace: - description: - - Namespace of the referenced object. If the object kind is non-namespace, - such as "User" or "Group", and this value is not empty the Authorizer - should report an error. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_binding_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_role_list.py b/library/k8s_v1beta1_role_list.py deleted file mode 100644 index fefd69f4..00000000 --- a/library/k8s_v1beta1_role_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_role_list -short_description: Kubernetes RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If multiple API groups are specified, any action requested against - one of the enumerated resources in any API group will be allowed. - type: list - contains: str - non_resource_ur_ls: - description: - - NonResourceURLs is a set of partial urls that a user should have access - to. *s are allowed, but only as the full, final step in the path Since - non-resource URLs are not namespaced, this field is only applicable - for ClusterRoles referenced from a ClusterRoleBinding. Rules can either - apply to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('role_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_self_subject_access_review.py b/library/k8s_v1beta1_self_subject_access_review.py deleted file mode 100644 index 2d818f45..00000000 --- a/library/k8s_v1beta1_self_subject_access_review.py +++ /dev/null @@ -1,194 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_self_subject_access_review -short_description: Kubernetes SelfSubjectAccessReview -description: -- Manage the lifecycle of a self_subject_access_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. user and groups - must be empty - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_access_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_self_subject_rules_review.py b/library/k8s_v1beta1_self_subject_rules_review.py deleted file mode 100644 index 01f92105..00000000 --- a/library/k8s_v1beta1_self_subject_rules_review.py +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_self_subject_rules_review -short_description: Kubernetes SelfSubjectRulesReview -description: -- Manage the lifecycle of a self_subject_rules_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_namespace: - description: - - Namespace to evaluate rules for. Required. - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated. - type: complex - status: - description: - - Status is filled in by the server and indicates the set of actions a user - can perform. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('self_subject_rules_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_stateful_set.py b/library/k8s_v1beta1_stateful_set.py deleted file mode 100644 index 0785c5a1..00000000 --- a/library/k8s_v1beta1_stateful_set.py +++ /dev/null @@ -1,579 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_stateful_set -short_description: Kubernetes StatefulSet -description: -- Manage the lifecycle of a stateful_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_pod_management_policy: - description: - - podManagementPolicy controls how pods are created during initial scale up, when - replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, - where pods are created in increasing order (pod-0, then pod-1, etc) and the - controller will wait until each pod is ready before continuing. When scaling - down, the pods are removed in the opposite order. The alternative policy is - `Parallel` which will create pods in parallel to match the desired scale without - waiting, and on scale down will delete all pods at once. - aliases: - - pod_management_policy - spec_replicas: - description: - - replicas is the desired number of replicas of the given Template. These are - replicas in the sense that they are instantiations of the same Template, but - individual replicas also have a consistent identity. If unspecified, defaults - to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - revisionHistoryLimit is the maximum number of revisions that will be maintained - in the StatefulSet's revision history. The revision history consists of all - revisions not represented by a currently applied StatefulSetSpec version. The - default value is 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_service_name: - description: - - 'serviceName is the name of the service that governs this StatefulSet. This - service must exist before the StatefulSet, and is responsible for the network - identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local - where "pod-specific-string" is managed by the StatefulSet controller.' - aliases: - - service_name - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_partition: - description: - - Partition indicates the ordinal at which the StatefulSet should be partitioned. - aliases: - - update_strategy_rolling_update_partition - type: int - spec_update_strategy_type: - description: - - Type indicates the type of the StatefulSetUpdateStrategy. - aliases: - - update_strategy_type - spec_volume_claim_templates: - description: - - volumeClaimTemplates is a list of claims that pods are allowed to reference. - The StatefulSet controller is responsible for mapping network identities to - claims in a way that maintains the identity of a pod. Every claim in this list - must have at least one matching (by name) volumeMount in one container in the - template. A claim in this list takes precedence over any volumes in the template, - with the same name. - aliases: - - volume_claim_templates - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -- name: Create stateful set - k8s_v1beta1_stateful_set.yml: - name: test - labels: - name: test - namespace: test - state: present - service_name: test - replicas: 3 - spec_template_metadata_labels: - name: test - spec_template_metadata_name: test - termination_grace_period_seconds: 10 - containers: - - name: test - image: openshift/origin-ruby-sample:v1.0 -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may be - out of date by some window of time. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_stateful_set_list.py b/library/k8s_v1beta1_stateful_set_list.py deleted file mode 100644 index f0aa3af3..00000000 --- a/library/k8s_v1beta1_stateful_set_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_stateful_set_list -short_description: Kubernetes StatefulSetList -description: -- Retrieve a list of stateful_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may - be out of date by some window of time. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_storage_class.py b/library/k8s_v1beta1_storage_class.py deleted file mode 100644 index 01c093f2..00000000 --- a/library/k8s_v1beta1_storage_class.py +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_storage_class -short_description: Kubernetes StorageClass -description: -- Manage the lifecycle of a storage_class object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the PVs - will simply fail if one is invalid. - type: list - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: dict - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - provisioner: - description: - - Provisioner indicates the type of the provisioner. - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class: - type: complex - returned: when I(state) = C(present) - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the - PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create volumes - of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_storage_class_list.py b/library/k8s_v1beta1_storage_class_list.py deleted file mode 100644 index 259b495c..00000000 --- a/library/k8s_v1beta1_storage_class_list.py +++ /dev/null @@ -1,183 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_storage_class_list -short_description: Kubernetes StorageClassList -description: -- Retrieve a list of storage_class. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -storage_class_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of StorageClasses - type: list - contains: - allow_volume_expansion: - description: - - AllowVolumeExpansion shows whether the storage class allow volume expand - type: bool - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - mount_options: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of - the PVs will simply fail if one is invalid. - type: list - contains: str - parameters: - description: - - Parameters holds the parameters for the provisioner that should create - volumes of this storage class. - type: complex - contains: str, str - provisioner: - description: - - Provisioner indicates the type of the provisioner. - type: str - reclaim_policy: - description: - - Dynamically provisioned PersistentVolumes of this storage class are created - with this reclaimPolicy. Defaults to Delete. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('storage_class_list', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_subject_access_review.py b/library/k8s_v1beta1_subject_access_review.py deleted file mode 100644 index e26889ad..00000000 --- a/library/k8s_v1beta1_subject_access_review.py +++ /dev/null @@ -1,217 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_subject_access_review -short_description: Kubernetes SubjectAccessReview -description: -- Manage the lifecycle of a subject_access_review object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_extra: - description: - - Extra corresponds to the user.Info.GetExtra() method from the authenticator. - Since that is input to the authorizer it needs a reflection here. - aliases: - - extra - type: dict - spec_group: - description: - - Groups is the groups you're testing for. - aliases: - - group - type: list - spec_non_resource_attributes_path: - description: - - Path is the URL path of the request - aliases: - - non_resource_attributes_path - spec_non_resource_attributes_verb: - description: - - Verb is the standard HTTP verb - aliases: - - non_resource_attributes_verb - spec_resource_attributes_group: - description: - - Group is the API Group of the Resource. "*" means all. - aliases: - - resource_attributes_group - spec_resource_attributes_name: - description: - - Name is the name of the resource being requested for a "get" or deleted for - a "delete". "" (empty) means all. - aliases: - - resource_attributes_name - spec_resource_attributes_namespace: - description: - - Namespace is the namespace of the action being requested. Currently, there is - no distinction between no namespace and all namespaces "" (empty) is defaulted - for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources - "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview - or SelfSubjectAccessReview - aliases: - - resource_attributes_namespace - spec_resource_attributes_resource: - description: - - Resource is one of the existing resource types. "*" means all. - aliases: - - resource_attributes_resource - spec_resource_attributes_subresource: - description: - - Subresource is one of the existing resource types. "" means none. - aliases: - - resource_attributes_subresource - spec_resource_attributes_verb: - description: - - 'Verb is a kubernetes resource API verb, like: get, list, watch, create, update, - delete, proxy. "*" means all.' - aliases: - - resource_attributes_verb - spec_resource_attributes_version: - description: - - Version is the API Version of the Resource. "*" means all. - aliases: - - resource_attributes_version - spec_uid: - description: - - UID information about the requesting user. - aliases: - - uid - spec_user: - description: - - User is the user you're testing for. If you specify "User" but not "Group", - then is it interpreted as "What if User were not a member of any groups - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -subject_access_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request is allowed - or not - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('subject_access_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta1_token_review.py b/library/k8s_v1beta1_token_review.py deleted file mode 100644 index 794dcba2..00000000 --- a/library/k8s_v1beta1_token_review.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta1_token_review -short_description: Kubernetes TokenReview -description: -- Manage the lifecycle of a token_review object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_token: - description: - - Token is the opaque bearer token. - aliases: - - token - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -token_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec holds information about the request being evaluated - type: complex - status: - description: - - Status is filled in by the server and indicates whether the request can be - authenticated. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('token_review', 'v1beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_controller_revision.py b/library/k8s_v1beta2_controller_revision.py deleted file mode 100644 index 5f9a3560..00000000 --- a/library/k8s_v1beta2_controller_revision.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_controller_revision -short_description: Kubernetes ControllerRevision -description: -- Manage the lifecycle of a controller_revision object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_controller_revision_list.py b/library/k8s_v1beta2_controller_revision_list.py deleted file mode 100644 index 19f8c941..00000000 --- a/library/k8s_v1beta2_controller_revision_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_controller_revision_list -short_description: Kubernetes ControllerRevisionList -description: -- Retrieve a list of controller_revisions. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ControllerRevisions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('controller_revision_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_daemon_set.py b/library/k8s_v1beta2_daemon_set.py deleted file mode 100644 index 91b547ee..00000000 --- a/library/k8s_v1beta2_daemon_set.py +++ /dev/null @@ -1,542 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_daemon_set -short_description: Kubernetes DaemonSet -description: -- Manage the lifecycle of a daemon_set object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - The minimum number of seconds for which a newly created DaemonSet pod should - be ready without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready). - aliases: - - min_ready_seconds - type: int - spec_revision_history_limit: - description: - - The number of old history to retain to allow rollback. This is a pointer to - distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of DaemonSet pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet - pods at the start of the update (ex: 10%). Absolute number is calculated from - percentage by rounding up. This cannot be 0. Default value is 1. Example: when - this is set to 30%, at most 30% of the total number of nodes that should be - running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods - stopped for an update at any given time. The update starts by stopping at most - 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. - Once the new pods are available, it then proceeds onto other DaemonSet pods, - thus ensuring that at least 70% of original number of DaemonSet pods are available - at all times during the update.' - aliases: - - update_strategy_rolling_update_max_unavailable - type: object - spec_update_strategy_type: - description: - - Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is - RollingUpdate. - aliases: - - update_strategy_type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by some - window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_daemon_set_list.py b/library/k8s_v1beta2_daemon_set_list.py deleted file mode 100644 index 335b89b5..00000000 --- a/library/k8s_v1beta2_daemon_set_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_daemon_set_list -short_description: Kubernetes DaemonSetList -description: -- Retrieve a list of daemon_sets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of daemon sets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by - some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('daemon_set_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_deployment.py b/library/k8s_v1beta2_deployment.py deleted file mode 100644 index 23377d37..00000000 --- a/library/k8s_v1beta2_deployment.py +++ /dev/null @@ -1,574 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_deployment -short_description: Kubernetes Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_rolling_update_max_surge: - description: - - 'The maximum number of pods that can be scheduled above the desired number of - pods. Value can be an absolute number (ex: 5) or a percentage of desired pods - (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. Defaults to 25%. Example: when this is set to - 30%, the new RC can be scaled up immediately when the rolling update starts, - such that the total number of old and new pods do not exceed 130% of desired - pods. Once old pods have been killed, new RC can be scaled up further, ensuring - that total number of pods running at any time during the update is atmost 130% - of desired pods.' - aliases: - - strategy_rolling_update_max_surge - type: object - spec_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of pods that can be unavailable during the update. Value - can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. This can not - be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the - old RC can be scaled down to 70% of desired pods immediately when the rolling - update starts. Once new pods are ready, old RC can be scaled down further, followed - by scaling up the new RC, ensuring that the total number of pods available at - all times during the update is at least 70% of desired pods.' - aliases: - - strategy_rolling_update_max_unavailable - type: object - spec_strategy_type: - description: - - Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_deployment_list.py b/library/k8s_v1beta2_deployment_list.py deleted file mode 100644 index ca0ba133..00000000 --- a/library/k8s_v1beta2_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_deployment_list -short_description: Kubernetes DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('deployment_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_replica_set.py b/library/k8s_v1beta2_replica_set.py deleted file mode 100644 index 218b0259..00000000 --- a/library/k8s_v1beta2_replica_set.py +++ /dev/null @@ -1,521 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_replica_set -short_description: Kubernetes ReplicaSet -description: -- Manage the lifecycle of a replica_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the same - as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data may - be out of date by some window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_replica_set_list.py b/library/k8s_v1beta2_replica_set_list.py deleted file mode 100644 index b1a4b9b1..00000000 --- a/library/k8s_v1beta2_replica_set_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_replica_set_list -short_description: Kubernetes ReplicaSetList -description: -- Retrieve a list of replica_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ReplicaSets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the - same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data - may be out of date by some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('replica_set_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_scale.py b/library/k8s_v1beta2_scale.py deleted file mode 100644 index 60cee6d1..00000000 --- a/library/k8s_v1beta2_scale.py +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_scale -short_description: Kubernetes Scale -description: -- Manage the lifecycle of a scale object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_replicas: - description: - - desired number of instances for the scaled object. - aliases: - - replicas - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -scale: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - spec: - description: - - defines the behavior of the scale. - type: complex - status: - description: - - current status of the scale. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('scale', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_stateful_set.py b/library/k8s_v1beta2_stateful_set.py deleted file mode 100644 index d912a1bd..00000000 --- a/library/k8s_v1beta2_stateful_set.py +++ /dev/null @@ -1,564 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_stateful_set -short_description: Kubernetes StatefulSet -description: -- Manage the lifecycle of a stateful_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_pod_management_policy: - description: - - podManagementPolicy controls how pods are created during initial scale up, when - replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, - where pods are created in increasing order (pod-0, then pod-1, etc) and the - controller will wait until each pod is ready before continuing. When scaling - down, the pods are removed in the opposite order. The alternative policy is - `Parallel` which will create pods in parallel to match the desired scale without - waiting, and on scale down will delete all pods at once. - aliases: - - pod_management_policy - spec_replicas: - description: - - replicas is the desired number of replicas of the given Template. These are - replicas in the sense that they are instantiations of the same Template, but - individual replicas also have a consistent identity. If unspecified, defaults - to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - revisionHistoryLimit is the maximum number of revisions that will be maintained - in the StatefulSet's revision history. The revision history consists of all - revisions not represented by a currently applied StatefulSetSpec version. The - default value is 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_service_name: - description: - - 'serviceName is the name of the service that governs this StatefulSet. This - service must exist before the StatefulSet, and is responsible for the network - identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local - where "pod-specific-string" is managed by the StatefulSet controller.' - aliases: - - service_name - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_partition: - description: - - Partition indicates the ordinal at which the StatefulSet should be partitioned. - Default value is 0. - aliases: - - update_strategy_rolling_update_partition - type: int - spec_update_strategy_type: - description: - - Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. - aliases: - - update_strategy_type - spec_volume_claim_templates: - description: - - volumeClaimTemplates is a list of claims that pods are allowed to reference. - The StatefulSet controller is responsible for mapping network identities to - claims in a way that maintains the identity of a pod. Every claim in this list - must have at least one matching (by name) volumeMount in one container in the - template. A claim in this list takes precedence over any volumes in the template, - with the same name. - aliases: - - volume_claim_templates - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may be - out of date by some window of time. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v1beta2_stateful_set_list.py b/library/k8s_v1beta2_stateful_set_list.py deleted file mode 100644 index 41fde551..00000000 --- a/library/k8s_v1beta2_stateful_set_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v1beta2_stateful_set_list -short_description: Kubernetes StatefulSetList -description: -- Retrieve a list of stateful_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may - be out of date by some window of time. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('stateful_set_list', 'v1beta2') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2alpha1_cron_job.py b/library/k8s_v2alpha1_cron_job.py deleted file mode 100644 index d0aa8819..00000000 --- a/library/k8s_v2alpha1_cron_job.py +++ /dev/null @@ -1,616 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2alpha1_cron_job -short_description: Kubernetes CronJob -description: -- Manage the lifecycle of a cron_job object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_concurrency_policy: - description: - - Specifies how to treat concurrent executions of a Job. Defaults to Allow. - aliases: - - concurrency_policy - spec_failed_jobs_history_limit: - description: - - The number of failed finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. - aliases: - - failed_jobs_history_limit - type: int - spec_job_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - aliases: - - job__metadata_annotations - type: dict - spec_job_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - aliases: - - job__metadata_labels - type: dict - spec_job_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - aliases: - - job__metadata_name - spec_job_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - aliases: - - job__metadata_namespace - spec_job_template_spec_active_deadline_seconds: - description: - - Specifies the duration in seconds relative to the startTime that the job may - be active before the system tries to terminate it; value must be positive integer - aliases: - - job__active_deadline_seconds - type: int - spec_job_template_spec_backoff_limit: - description: - - Specifies the number of retries before marking this job failed. Defaults to - 6 - aliases: - - job__backoff_limit - type: int - spec_job_template_spec_completions: - description: - - Specifies the desired number of successfully finished pods the job should be - run with. Setting to nil means that the success of any pod signals the success - of all pods, and allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that pod signals the - success of the job. - aliases: - - job__completions - type: int - spec_job_template_spec_manual_selector: - description: - - manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` - unset unless you are certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the pod template. - When true, the user is responsible for picking unique labels and specifying - the selector. Failure to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` in jobs that - were created with the old `extensions/v1beta1` API. - aliases: - - job__manual_selector - type: bool - spec_job_template_spec_parallelism: - description: - - Specifies the maximum desired number of pods the job should run at any given - time. The actual number of pods running in steady state will be less than this - number when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - aliases: - - job__parallelism - type: int - spec_job_template_spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - job__selector_match_expressions - type: list - spec_job_template_spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - job__selector_match_labels - type: dict - spec_job_template_spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_job_template_spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_job_template_spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_job_template_spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_job_template_spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - type: int - spec_job_template_spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - ? spec_job_template_spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - : description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - job__affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - job__affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - job__affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_job_template_spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - job__automount_service_account_token - type: bool - spec_job_template_spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - job__containers - type: list - spec_job_template_spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - job__dns_policy - spec_job_template_spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - job__host_aliases - type: list - spec_job_template_spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - job__host_ipc - type: bool - spec_job_template_spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - job__host_network - type: bool - spec_job_template_spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - job__host_pid - type: bool - spec_job_template_spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - job__hostname - spec_job_template_spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - job__image_pull_secrets - type: list - spec_job_template_spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - job__init_containers - type: list - spec_job_template_spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - job__node_name - spec_job_template_spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - job__node_selector - type: dict - spec_job_template_spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - job__priority - type: int - spec_job_template_spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - job__priority_class_name - spec_job_template_spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - job__restart_policy - spec_job_template_spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - job__scheduler_name - spec_job_template_spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - job__securitycontext_fs_group - type: int - spec_job_template_spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - job__securitycontext_run_as_non_root - type: bool - spec_job_template_spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - job__securitycontext_run_as_user - type: int - spec_job_template_spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_level - spec_job_template_spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_role - spec_job_template_spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_type - spec_job_template_spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - job__securitycontext_se_linux_options_user - spec_job_template_spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - job__securitycontext_supplemental_groups - type: list - spec_job_template_spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - job__service_account - spec_job_template_spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - job__service_account_name - spec_job_template_spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - job__subdomain - spec_job_template_spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - job__termination_grace_period_seconds - type: int - spec_job_template_spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - job__tolerations - type: list - spec_job_template_spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - job__volumes - type: list - spec_schedule: - description: - - The schedule in Cron format, see - aliases: - - schedule - spec_starting_deadline_seconds: - description: - - Optional deadline in seconds for starting the job if it misses scheduled time - for any reason. Missed jobs executions will be counted as failed ones. - aliases: - - starting_deadline_seconds - type: int - spec_successful_jobs_history_limit: - description: - - The number of successful finished jobs to retain. This is a pointer to distinguish - between explicit zero and not specified. - aliases: - - successful_jobs_history_limit - type: int - spec_suspend: - description: - - This flag tells the controller to suspend subsequent executions, it does not - apply to already started executions. Defaults to false. - aliases: - - suspend - type: bool - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job', 'v2alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2alpha1_cron_job_list.py b/library/k8s_v2alpha1_cron_job_list.py deleted file mode 100644 index d6e96c49..00000000 --- a/library/k8s_v2alpha1_cron_job_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2alpha1_cron_job_list -short_description: Kubernetes CronJobList -description: -- Retrieve a list of cron_jobs. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cron_job_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of CronJobs. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Specification of the desired behavior of a cron job, including the schedule. - type: complex - status: - description: - - Current status of a cron job. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('cron_job_list', 'v2alpha1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2beta1_horizontal_pod_autoscaler.py b/library/k8s_v2beta1_horizontal_pod_autoscaler.py deleted file mode 100644 index 76eb1b7f..00000000 --- a/library/k8s_v2beta1_horizontal_pod_autoscaler.py +++ /dev/null @@ -1,207 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2beta1_horizontal_pod_autoscaler -short_description: Kubernetes HorizontalPodAutoscaler -description: -- Manage the lifecycle of a horizontal_pod_autoscaler object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_max_replicas: - description: - - maxReplicas is the upper limit for the number of replicas to which the autoscaler - can scale up. It cannot be less that minReplicas. - aliases: - - max_replicas - type: int - spec_metrics: - description: - - metrics contains the specifications for which to use to calculate the desired - replica count (the maximum replica count across all metrics will be used). The - desired replica count is calculated multiplying the ratio between the target - value and the current value by the current number of pods. Ergo, metrics used - must decrease as the pod count is increased, and vice-versa. See the individual - metric source types for more information about how each type of metric must - respond. - aliases: - - metrics - type: list - spec_min_replicas: - description: - - minReplicas is the lower limit for the number of replicas to which the autoscaler - can scale down. It defaults to 1 pod. - aliases: - - min_replicas - type: int - spec_scale_target_ref_api_version: - description: - - API version of the referent - aliases: - - scale_target_ref_api_version - spec_scale_target_ref_kind: - description: - - Kind of the referent; - aliases: - - scale_target_ref_kind - spec_scale_target_ref_name: - description: - - Name of the referent; - aliases: - - scale_target_ref_name - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata is the standard object metadata. - type: complex - spec: - description: - - spec is the specification for the behaviour of the autoscaler. - type: complex - status: - description: - - status is the current information about the autoscaler. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler', 'v2beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/k8s_v2beta1_horizontal_pod_autoscaler_list.py b/library/k8s_v2beta1_horizontal_pod_autoscaler_list.py deleted file mode 100644 index 2e881512..00000000 --- a/library/k8s_v2beta1_horizontal_pod_autoscaler_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.k8s_common import KubernetesAnsibleModule, KubernetesAnsibleException - -DOCUMENTATION = ''' -module: k8s_v2beta1_horizontal_pod_autoscaler_list -short_description: Kubernetes HorizontalPodAutoscalerList -description: -- Retrieve a list of horizontal_pod_autoscalers. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- kubernetes == 4.0.0 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -horizontal_pod_autoscaler_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of horizontal pod autoscaler objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - metadata is the standard object metadata. - type: complex - spec: - description: - - spec is the specification for the behaviour of the autoscaler. - type: complex - status: - description: - - status is the current information about the autoscaler. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata is the standard list metadata. - type: complex -''' - - -def main(): - try: - module = KubernetesAnsibleModule('horizontal_pod_autoscaler_list', 'v2beta1') - except KubernetesAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except KubernetesAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_applied_cluster_resource_quota.py b/library/openshift_v1_applied_cluster_resource_quota.py deleted file mode 100644 index b2c792fc..00000000 --- a/library/openshift_v1_applied_cluster_resource_quota.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_applied_cluster_resource_quota -short_description: OpenShift AppliedClusterResourceQuota -description: -- Manage the lifecycle of a applied_cluster_resource_quota object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_quota_hard: - description: - - Hard is the set of desired hard limits for each named resource. - aliases: - - quota_hard - type: dict - spec_quota_scopes: - description: - - A collection of filters that must match each object tracked by a quota. If not - specified, the quota matches all objects. - aliases: - - quota_scopes - type: list - spec_selector_annotations: - description: - - AnnotationSelector is used to select projects by annotation. - aliases: - - selector_annotations - type: dict - spec_selector_labels_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_labels_match_expressions - type: list - spec_selector_labels_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_labels_match_labels - type: dict - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -applied_cluster_resource_quota: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('applied_cluster_resource_quota', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_applied_cluster_resource_quota_list.py b/library/openshift_v1_applied_cluster_resource_quota_list.py deleted file mode 100644 index 83f325e9..00000000 --- a/library/openshift_v1_applied_cluster_resource_quota_list.py +++ /dev/null @@ -1,141 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_applied_cluster_resource_quota_list -short_description: OpenShift AppliedClusterResourceQuotaList -description: -- Retrieve a list of applied_cluster_resource_quotas. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -applied_cluster_resource_quota_list: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of AppliedClusterResourceQuota - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('applied_cluster_resource_quota_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_broker_template_instance.py b/library/openshift_v1_broker_template_instance.py deleted file mode 100644 index 202d1e1f..00000000 --- a/library/openshift_v1_broker_template_instance.py +++ /dev/null @@ -1,251 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_broker_template_instance -short_description: OpenShift BrokerTemplateInstance -description: -- Manage the lifecycle of a broker_template_instance object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_binding_i_ds: - description: - - bindingids is a list of 'binding_id's provided during successive bind calls - to the template service broker. - aliases: - - binding_i_ds - type: list - spec_secret_api_version: - description: - - API version of the referent. - aliases: - - secret_api_version - spec_secret_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - secret_field_path - spec_secret_kind: - description: - - Kind of the referent. - aliases: - - secret_kind - spec_secret_name: - description: - - Name of the referent. - aliases: - - secret_name - spec_secret_namespace: - description: - - Namespace of the referent. - aliases: - - secret_namespace - spec_secret_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - secret_resource_version - spec_secret_uid: - description: - - UID of the referent. - aliases: - - secret_uid - spec_template_instance_api_version: - description: - - API version of the referent. - aliases: - - _instance_api_version - spec_template_instance_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - _instance_field_path - spec_template_instance_kind: - description: - - Kind of the referent. - aliases: - - _instance_kind - spec_template_instance_name: - description: - - Name of the referent. - aliases: - - _instance_name - spec_template_instance_namespace: - description: - - Namespace of the referent. - aliases: - - _instance_namespace - spec_template_instance_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - _instance_resource_version - spec_template_instance_uid: - description: - - UID of the referent. - aliases: - - _instance_uid - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -broker_template_instance: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the state of this BrokerTemplateInstance. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('broker_template_instance', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_broker_template_instance_list.py b/library/openshift_v1_broker_template_instance_list.py deleted file mode 100644 index df296714..00000000 --- a/library/openshift_v1_broker_template_instance_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_broker_template_instance_list -short_description: OpenShift BrokerTemplateInstanceList -description: -- Retrieve a list of broker_template_instances. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -broker_template_instance_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of BrokerTemplateInstances - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the state of this BrokerTemplateInstance. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('broker_template_instance_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build.py b/library/openshift_v1_build.py deleted file mode 100644 index d77dbcdf..00000000 --- a/library/openshift_v1_build.py +++ /dev/null @@ -1,673 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build -short_description: OpenShift Build -description: -- Manage the lifecycle of a build object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_completion_deadline_seconds: - description: - - completionDeadlineSeconds is an optional duration in seconds, counted from the - time when a build pod gets scheduled in the system, that the build may be active - on a node before the system actively tries to terminate the build; value must - be positive integer - aliases: - - completion_deadline_seconds - type: int - spec_node_selector: - description: - - nodeSelector is a selector which must be true for the build pod to fit on a - node If nil, it can be overridden by default build nodeselector values for the - cluster. If set to an empty map or a map with any values, default build nodeselector - values are ignored. - aliases: - - node_selector - type: dict - spec_output_image_labels: - description: - - imageLabels define a list of labels that are applied to the resulting image. - If there are multiple labels with the same name then the last one in the list - is used. - aliases: - - output_image_labels - type: list - spec_output_push_secret_name: - description: - - Name of the referent. - aliases: - - output_push_secret_name - spec_output_to_api_version: - description: - - API version of the referent. - aliases: - - output_to_api_version - spec_output_to_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - output_to_field_path - spec_output_to_kind: - description: - - Kind of the referent. - aliases: - - output_to_kind - spec_output_to_name: - description: - - Name of the referent. - aliases: - - output_to_name - spec_output_to_namespace: - description: - - Namespace of the referent. - aliases: - - output_to_namespace - spec_output_to_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - output_to_resource_version - spec_output_to_uid: - description: - - UID of the referent. - aliases: - - output_to_uid - spec_post_commit_args: - description: - - args is a list of arguments that are provided to either Command, Script or the - Docker image's default entrypoint. The arguments are placed immediately after - the command to be run. - aliases: - - post_commit_args - type: list - spec_post_commit_command: - description: - - command is the command to run. It may not be specified with Script. This might - be needed if the image doesn't have `/bin/sh`, or if you do not want to use - a shell. In all other cases, using Script might be more convenient. - aliases: - - post_commit_command - type: list - spec_post_commit_script: - description: - - script is a shell script to be run with `/bin/sh -ic`. It may not be specified - with Command. Use Script when a shell script is appropriate to execute the post - build hook, for example for running unit tests with `rake test`. If you need - control over the image entrypoint, or if the image does not have `/bin/sh`, - use Command and/or Args. The `-i` flag is needed to support CentOS and RHEL - images that use Software Collections (SCL), in order to have the appropriate - collections enabled in the shell. E.g., in the Ruby image, this is necessary - to make `ruby`, `bundle` and other binaries available in the PATH. - aliases: - - post_commit_script - spec_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - resources_limits - type: dict - spec_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - resources_requests - type: dict - spec_revision_git_author_email: - description: - - email of the source control user - aliases: - - revision_git_author_email - spec_revision_git_author_name: - description: - - name of the source control user - aliases: - - revision_git_author_name - spec_revision_git_commit: - description: - - commit is the commit hash identifying a specific commit - aliases: - - revision_git_commit - spec_revision_git_committer_email: - description: - - email of the source control user - aliases: - - revision_git_committer_email - spec_revision_git_committer_name: - description: - - name of the source control user - aliases: - - revision_git_committer_name - spec_revision_git_message: - description: - - message is the description of a specific commit - aliases: - - revision_git_message - spec_revision_type: - description: - - type of the build source, may be one of 'Source', 'Dockerfile', 'Binary', or - 'Images' - aliases: - - revision_type - spec_service_account: - description: - - serviceAccount is the name of the ServiceAccount to use to run the pod created - by this build. The pod will be allowed to use secrets referenced by the ServiceAccount - aliases: - - service_account - spec_source_binary_as_file: - description: - - asFile indicates that the provided binary input should be considered a single - file within the build input. For example, specifying "webapp.war" would place - the provided binary as `/webapp.war` for the builder. If left empty, the Docker - and Source build strategies assume this file is a zip, tar, or tar.gz file and - extract it as the source. The custom strategy receives this binary as standard - input. This filename may not contain slashes or be '..' or '.'. - aliases: - - source_binary_as_file - spec_source_context_dir: - description: - - contextDir specifies the sub-directory where the source code for the application - exists. This allows to have buildable sources in directory other than root of - repository. - aliases: - - source_context_dir - spec_source_dockerfile: - description: - - dockerfile is the raw contents of a Dockerfile which should be built. When this - option is specified, the FROM may be modified based on your strategy base image - and additional ENV stanzas from your strategy environment will be added after - the FROM, but before the rest of your Dockerfile stanzas. The Dockerfile source - type may be used with other options like git - in those cases the Git repo will - have any innate Dockerfile replaced in the context dir. - aliases: - - source_dockerfile - spec_source_git_http_proxy: - description: - - httpProxy is a proxy used to reach the git repository over http - aliases: - - source_git_http_proxy - spec_source_git_https_proxy: - description: - - httpsProxy is a proxy used to reach the git repository over https - aliases: - - source_git_https_proxy - spec_source_git_no_proxy: - description: - - noProxy is the list of domains for which the proxy should not be used - aliases: - - source_git_no_proxy - spec_source_git_ref: - description: - - ref is the branch/tag/ref to build. - aliases: - - source_git_ref - spec_source_git_uri: - description: - - uri points to the source that will be built. The structure of the source will - depend on the type of build to run - aliases: - - source_git_uri - spec_source_images: - description: - - images describes a set of images to be used to provide source for the build - aliases: - - source_images - type: list - spec_source_secrets: - description: - - secrets represents a list of secrets and their destinations that will be used - only for the build. - aliases: - - source_secrets - type: list - spec_source_source_secret_name: - description: - - Name of the referent. - aliases: - - source_secret_name - spec_source_type: - description: - - type of build input to accept - aliases: - - source_type - spec_strategy_custom_strategy_build_api_version: - description: - - buildAPIVersion is the requested API version for the Build object serialized - and passed to the custom builder - aliases: - - strategy_custom_strategy_build_api_version - spec_strategy_custom_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_custom_strategy_env - type: list - spec_strategy_custom_strategy_expose_docker_socket: - description: - - exposeDockerSocket will allow running Docker commands (and build Docker images) - from inside the Docker container. - aliases: - - strategy_custom_strategy_expose_docker_socket - type: bool - spec_strategy_custom_strategy_force_pull: - description: - - forcePull describes if the controller should configure the build pod to always - pull the images for the builder or only pull if it is not present locally - aliases: - - strategy_custom_strategy_force_pull - type: bool - spec_strategy_custom_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_custom_strategy_from_api_version - spec_strategy_custom_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_custom_strategy_from_field_path - spec_strategy_custom_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_custom_strategy_from_kind - spec_strategy_custom_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_from_name - spec_strategy_custom_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_custom_strategy_from_namespace - spec_strategy_custom_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_custom_strategy_from_resource_version - spec_strategy_custom_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_custom_strategy_from_uid - spec_strategy_custom_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_pull_secret_name - spec_strategy_custom_strategy_secrets: - description: - - secrets is a list of additional secrets that will be included in the build pod - aliases: - - strategy_custom_strategy_secrets - type: list - spec_strategy_docker_strategy_build_args: - description: - - buildArgs contains build arguments that will be resolved in the Dockerfile. - See - aliases: - - strategy_docker_strategy_build_args - type: list - spec_strategy_docker_strategy_dockerfile_path: - description: - - dockerfilePath is the path of the Dockerfile that will be used to build the - Docker image, relative to the root of the context (contextDir). - aliases: - - strategy_docker_strategy_dockerfile_path - spec_strategy_docker_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_docker_strategy_env - type: list - spec_strategy_docker_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_docker_strategy_force_pull - type: bool - spec_strategy_docker_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_docker_strategy_from_api_version - spec_strategy_docker_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_docker_strategy_from_field_path - spec_strategy_docker_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_docker_strategy_from_kind - spec_strategy_docker_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_from_name - spec_strategy_docker_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_docker_strategy_from_namespace - spec_strategy_docker_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_docker_strategy_from_resource_version - spec_strategy_docker_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_docker_strategy_from_uid - spec_strategy_docker_strategy_image_optimization_policy: - description: - - imageOptimizationPolicy describes what optimizations the system can use when - building images to reduce the final size or time spent building the image. The - default policy is 'None' which means the final build image will be equivalent - to an image created by the Docker build API. The experimental policy 'SkipLayers' - will avoid commiting new layers in between each image step, and will fail if - the Dockerfile cannot provide compatibility with the 'None' policy. An additional - experimental policy 'SkipLayersAndWarn' is the same as 'SkipLayers' but simply - warns if compatibility cannot be preserved. - aliases: - - strategy_docker_strategy_image_optimization_policy - spec_strategy_docker_strategy_no_cache: - description: - - noCache if set to true indicates that the docker build must be executed with - the --no-cache=true flag - aliases: - - strategy_docker_strategy_no_cache - type: bool - spec_strategy_docker_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_pull_secret_name - spec_strategy_jenkins_pipeline_strategy_env: - description: - - env contains additional environment variables you want to pass into a build - pipeline. - aliases: - - strategy_jenkins_pipeline_strategy_env - type: list - spec_strategy_jenkins_pipeline_strategy_jenkinsfile: - description: - - Jenkinsfile defines the optional raw contents of a Jenkinsfile which defines - a Jenkins pipeline build. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile - spec_strategy_jenkins_pipeline_strategy_jenkinsfile_path: - description: - - JenkinsfilePath is the optional path of the Jenkinsfile that will be used to - configure the pipeline relative to the root of the context (contextDir). If - both JenkinsfilePath & Jenkinsfile are both not specified, this defaults to - Jenkinsfile in the root of the specified contextDir. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile_path - spec_strategy_source_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_source_strategy_env - type: list - spec_strategy_source_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_source_strategy_force_pull - type: bool - spec_strategy_source_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_source_strategy_from_api_version - spec_strategy_source_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_source_strategy_from_field_path - spec_strategy_source_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_source_strategy_from_kind - spec_strategy_source_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_from_name - spec_strategy_source_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_source_strategy_from_namespace - spec_strategy_source_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_source_strategy_from_resource_version - spec_strategy_source_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_source_strategy_from_uid - spec_strategy_source_strategy_incremental: - description: - - incremental flag forces the Source build to do incremental builds if true. - aliases: - - strategy_source_strategy_incremental - type: bool - spec_strategy_source_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_pull_secret_name - spec_strategy_source_strategy_scripts: - description: - - scripts is the location of Source scripts - aliases: - - strategy_source_strategy_scripts - spec_strategy_type: - description: - - type is the kind of build strategy. - aliases: - - strategy_type - spec_triggered_by: - description: - - triggeredBy describes which triggers started the most recent update to the build - configuration and contains information about those triggers. - aliases: - - triggered_by - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec is all the inputs used to execute the build. - type: complex - status: - description: - - status is the current status of the build. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_config.py b/library/openshift_v1_build_config.py deleted file mode 100644 index 8696ec21..00000000 --- a/library/openshift_v1_build_config.py +++ /dev/null @@ -1,696 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_config -short_description: OpenShift BuildConfig -description: -- Manage the lifecycle of a build_config object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_completion_deadline_seconds: - description: - - completionDeadlineSeconds is an optional duration in seconds, counted from the - time when a build pod gets scheduled in the system, that the build may be active - on a node before the system actively tries to terminate the build; value must - be positive integer - aliases: - - completion_deadline_seconds - type: int - spec_failed_builds_history_limit: - description: - - failedBuildsHistoryLimit is the number of old failed builds to retain. If not - specified, all failed builds are retained. - aliases: - - failed_builds_history_limit - type: int - spec_node_selector: - description: - - nodeSelector is a selector which must be true for the build pod to fit on a - node If nil, it can be overridden by default build nodeselector values for the - cluster. If set to an empty map or a map with any values, default build nodeselector - values are ignored. - aliases: - - node_selector - type: dict - spec_output_image_labels: - description: - - imageLabels define a list of labels that are applied to the resulting image. - If there are multiple labels with the same name then the last one in the list - is used. - aliases: - - output_image_labels - type: list - spec_output_push_secret_name: - description: - - Name of the referent. - aliases: - - output_push_secret_name - spec_output_to_api_version: - description: - - API version of the referent. - aliases: - - output_to_api_version - spec_output_to_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - output_to_field_path - spec_output_to_kind: - description: - - Kind of the referent. - aliases: - - output_to_kind - spec_output_to_name: - description: - - Name of the referent. - aliases: - - output_to_name - spec_output_to_namespace: - description: - - Namespace of the referent. - aliases: - - output_to_namespace - spec_output_to_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - output_to_resource_version - spec_output_to_uid: - description: - - UID of the referent. - aliases: - - output_to_uid - spec_post_commit_args: - description: - - args is a list of arguments that are provided to either Command, Script or the - Docker image's default entrypoint. The arguments are placed immediately after - the command to be run. - aliases: - - post_commit_args - type: list - spec_post_commit_command: - description: - - command is the command to run. It may not be specified with Script. This might - be needed if the image doesn't have `/bin/sh`, or if you do not want to use - a shell. In all other cases, using Script might be more convenient. - aliases: - - post_commit_command - type: list - spec_post_commit_script: - description: - - script is a shell script to be run with `/bin/sh -ic`. It may not be specified - with Command. Use Script when a shell script is appropriate to execute the post - build hook, for example for running unit tests with `rake test`. If you need - control over the image entrypoint, or if the image does not have `/bin/sh`, - use Command and/or Args. The `-i` flag is needed to support CentOS and RHEL - images that use Software Collections (SCL), in order to have the appropriate - collections enabled in the shell. E.g., in the Ruby image, this is necessary - to make `ruby`, `bundle` and other binaries available in the PATH. - aliases: - - post_commit_script - spec_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - resources_limits - type: dict - spec_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - resources_requests - type: dict - spec_revision_git_author_email: - description: - - email of the source control user - aliases: - - revision_git_author_email - spec_revision_git_author_name: - description: - - name of the source control user - aliases: - - revision_git_author_name - spec_revision_git_commit: - description: - - commit is the commit hash identifying a specific commit - aliases: - - revision_git_commit - spec_revision_git_committer_email: - description: - - email of the source control user - aliases: - - revision_git_committer_email - spec_revision_git_committer_name: - description: - - name of the source control user - aliases: - - revision_git_committer_name - spec_revision_git_message: - description: - - message is the description of a specific commit - aliases: - - revision_git_message - spec_revision_type: - description: - - type of the build source, may be one of 'Source', 'Dockerfile', 'Binary', or - 'Images' - aliases: - - revision_type - spec_run_policy: - description: - - RunPolicy describes how the new build created from this build configuration - will be scheduled for execution. This is optional, if not specified we default - to "Serial". - aliases: - - run_policy - spec_service_account: - description: - - serviceAccount is the name of the ServiceAccount to use to run the pod created - by this build. The pod will be allowed to use secrets referenced by the ServiceAccount - aliases: - - service_account - spec_source_binary_as_file: - description: - - asFile indicates that the provided binary input should be considered a single - file within the build input. For example, specifying "webapp.war" would place - the provided binary as `/webapp.war` for the builder. If left empty, the Docker - and Source build strategies assume this file is a zip, tar, or tar.gz file and - extract it as the source. The custom strategy receives this binary as standard - input. This filename may not contain slashes or be '..' or '.'. - aliases: - - source_binary_as_file - spec_source_context_dir: - description: - - contextDir specifies the sub-directory where the source code for the application - exists. This allows to have buildable sources in directory other than root of - repository. - aliases: - - source_context_dir - spec_source_dockerfile: - description: - - dockerfile is the raw contents of a Dockerfile which should be built. When this - option is specified, the FROM may be modified based on your strategy base image - and additional ENV stanzas from your strategy environment will be added after - the FROM, but before the rest of your Dockerfile stanzas. The Dockerfile source - type may be used with other options like git - in those cases the Git repo will - have any innate Dockerfile replaced in the context dir. - aliases: - - source_dockerfile - spec_source_git_http_proxy: - description: - - httpProxy is a proxy used to reach the git repository over http - aliases: - - source_git_http_proxy - spec_source_git_https_proxy: - description: - - httpsProxy is a proxy used to reach the git repository over https - aliases: - - source_git_https_proxy - spec_source_git_no_proxy: - description: - - noProxy is the list of domains for which the proxy should not be used - aliases: - - source_git_no_proxy - spec_source_git_ref: - description: - - ref is the branch/tag/ref to build. - aliases: - - source_git_ref - spec_source_git_uri: - description: - - uri points to the source that will be built. The structure of the source will - depend on the type of build to run - aliases: - - source_git_uri - spec_source_images: - description: - - images describes a set of images to be used to provide source for the build - aliases: - - source_images - type: list - spec_source_secrets: - description: - - secrets represents a list of secrets and their destinations that will be used - only for the build. - aliases: - - source_secrets - type: list - spec_source_source_secret_name: - description: - - Name of the referent. - aliases: - - source_secret_name - spec_source_type: - description: - - type of build input to accept - aliases: - - source_type - spec_strategy_custom_strategy_build_api_version: - description: - - buildAPIVersion is the requested API version for the Build object serialized - and passed to the custom builder - aliases: - - strategy_custom_strategy_build_api_version - spec_strategy_custom_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_custom_strategy_env - type: list - spec_strategy_custom_strategy_expose_docker_socket: - description: - - exposeDockerSocket will allow running Docker commands (and build Docker images) - from inside the Docker container. - aliases: - - strategy_custom_strategy_expose_docker_socket - type: bool - spec_strategy_custom_strategy_force_pull: - description: - - forcePull describes if the controller should configure the build pod to always - pull the images for the builder or only pull if it is not present locally - aliases: - - strategy_custom_strategy_force_pull - type: bool - spec_strategy_custom_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_custom_strategy_from_api_version - spec_strategy_custom_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_custom_strategy_from_field_path - spec_strategy_custom_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_custom_strategy_from_kind - spec_strategy_custom_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_from_name - spec_strategy_custom_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_custom_strategy_from_namespace - spec_strategy_custom_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_custom_strategy_from_resource_version - spec_strategy_custom_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_custom_strategy_from_uid - spec_strategy_custom_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_custom_strategy_pull_secret_name - spec_strategy_custom_strategy_secrets: - description: - - secrets is a list of additional secrets that will be included in the build pod - aliases: - - strategy_custom_strategy_secrets - type: list - spec_strategy_docker_strategy_build_args: - description: - - buildArgs contains build arguments that will be resolved in the Dockerfile. - See - aliases: - - strategy_docker_strategy_build_args - type: list - spec_strategy_docker_strategy_dockerfile_path: - description: - - dockerfilePath is the path of the Dockerfile that will be used to build the - Docker image, relative to the root of the context (contextDir). - aliases: - - strategy_docker_strategy_dockerfile_path - spec_strategy_docker_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_docker_strategy_env - type: list - spec_strategy_docker_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_docker_strategy_force_pull - type: bool - spec_strategy_docker_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_docker_strategy_from_api_version - spec_strategy_docker_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_docker_strategy_from_field_path - spec_strategy_docker_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_docker_strategy_from_kind - spec_strategy_docker_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_from_name - spec_strategy_docker_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_docker_strategy_from_namespace - spec_strategy_docker_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_docker_strategy_from_resource_version - spec_strategy_docker_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_docker_strategy_from_uid - spec_strategy_docker_strategy_image_optimization_policy: - description: - - imageOptimizationPolicy describes what optimizations the system can use when - building images to reduce the final size or time spent building the image. The - default policy is 'None' which means the final build image will be equivalent - to an image created by the Docker build API. The experimental policy 'SkipLayers' - will avoid commiting new layers in between each image step, and will fail if - the Dockerfile cannot provide compatibility with the 'None' policy. An additional - experimental policy 'SkipLayersAndWarn' is the same as 'SkipLayers' but simply - warns if compatibility cannot be preserved. - aliases: - - strategy_docker_strategy_image_optimization_policy - spec_strategy_docker_strategy_no_cache: - description: - - noCache if set to true indicates that the docker build must be executed with - the --no-cache=true flag - aliases: - - strategy_docker_strategy_no_cache - type: bool - spec_strategy_docker_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_docker_strategy_pull_secret_name - spec_strategy_jenkins_pipeline_strategy_env: - description: - - env contains additional environment variables you want to pass into a build - pipeline. - aliases: - - strategy_jenkins_pipeline_strategy_env - type: list - spec_strategy_jenkins_pipeline_strategy_jenkinsfile: - description: - - Jenkinsfile defines the optional raw contents of a Jenkinsfile which defines - a Jenkins pipeline build. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile - spec_strategy_jenkins_pipeline_strategy_jenkinsfile_path: - description: - - JenkinsfilePath is the optional path of the Jenkinsfile that will be used to - configure the pipeline relative to the root of the context (contextDir). If - both JenkinsfilePath & Jenkinsfile are both not specified, this defaults to - Jenkinsfile in the root of the specified contextDir. - aliases: - - strategy_jenkins_pipeline_strategy_jenkinsfile_path - spec_strategy_source_strategy_env: - description: - - env contains additional environment variables you want to pass into a builder - container. - aliases: - - strategy_source_strategy_env - type: list - spec_strategy_source_strategy_force_pull: - description: - - forcePull describes if the builder should pull the images from registry prior - to building. - aliases: - - strategy_source_strategy_force_pull - type: bool - spec_strategy_source_strategy_from_api_version: - description: - - API version of the referent. - aliases: - - strategy_source_strategy_from_api_version - spec_strategy_source_strategy_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - strategy_source_strategy_from_field_path - spec_strategy_source_strategy_from_kind: - description: - - Kind of the referent. - aliases: - - strategy_source_strategy_from_kind - spec_strategy_source_strategy_from_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_from_name - spec_strategy_source_strategy_from_namespace: - description: - - Namespace of the referent. - aliases: - - strategy_source_strategy_from_namespace - spec_strategy_source_strategy_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - strategy_source_strategy_from_resource_version - spec_strategy_source_strategy_from_uid: - description: - - UID of the referent. - aliases: - - strategy_source_strategy_from_uid - spec_strategy_source_strategy_incremental: - description: - - incremental flag forces the Source build to do incremental builds if true. - aliases: - - strategy_source_strategy_incremental - type: bool - spec_strategy_source_strategy_pull_secret_name: - description: - - Name of the referent. - aliases: - - strategy_source_strategy_pull_secret_name - spec_strategy_source_strategy_scripts: - description: - - scripts is the location of Source scripts - aliases: - - strategy_source_strategy_scripts - spec_strategy_type: - description: - - type is the kind of build strategy. - aliases: - - strategy_type - spec_successful_builds_history_limit: - description: - - successfulBuildsHistoryLimit is the number of old successful builds to retain. - If not specified, all successful builds are retained. - aliases: - - successful_builds_history_limit - type: int - spec_triggers: - description: - - triggers determine how new Builds can be launched from a BuildConfig. If no - triggers are defined, a new build can only occur as a result of an explicit - client build creation. - aliases: - - triggers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_config: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildConfig. - type: complex - spec: - description: - - spec holds all the input necessary to produce a new build, and the conditions - when to trigger them. - type: complex - status: - description: - - status holds any relevant information about a build config - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_config', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_config_list.py b/library/openshift_v1_build_config_list.py deleted file mode 100644 index 104910e8..00000000 --- a/library/openshift_v1_build_config_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_config_list -short_description: OpenShift BuildConfigList -description: -- Retrieve a list of build_configs. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_config_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of build configs - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildConfig. - type: complex - spec: - description: - - spec holds all the input necessary to produce a new build, and the conditions - when to trigger them. - type: complex - status: - description: - - status holds any relevant information about a build config - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildConfigList. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_config_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_list.py b/library/openshift_v1_build_list.py deleted file mode 100644 index ef61c355..00000000 --- a/library/openshift_v1_build_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_list -short_description: OpenShift BuildList -description: -- Retrieve a list of builds. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of builds - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - spec is all the inputs used to execute the build. - type: complex - status: - description: - - status is the current status of the build. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for BuildList. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_build_request.py b/library/openshift_v1_build_request.py deleted file mode 100644 index 0ac6eb6a..00000000 --- a/library/openshift_v1_build_request.py +++ /dev/null @@ -1,363 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_build_request -short_description: OpenShift BuildRequest -description: -- Manage the lifecycle of a build_request object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - binary_as_file: - description: - - asFile indicates that the provided binary input should be considered a single - file within the build input. For example, specifying "webapp.war" would place - the provided binary as `/webapp.war` for the builder. If left empty, the Docker - and Source build strategies assume this file is a zip, tar, or tar.gz file and - extract it as the source. The custom strategy receives this binary as standard - input. This filename may not contain slashes or be '..' or '.'. - aliases: - - as_file - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - docker_strategy_options_build_args: - description: - - Args contains any build arguments that are to be passed to Docker. See - aliases: - - build_args - type: list - docker_strategy_options_no_cache: - description: - - noCache overrides the docker-strategy noCache option in the build config - aliases: - - no_cache - type: bool - env: - description: - - env contains additional environment variables you want to pass into a builder - container. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - from_api_version: - description: - - API version of the referent. - aliases: - - api_version - from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - from_kind: - description: - - Kind of the referent. - aliases: - - kind - from_name: - description: - - Name of the referent. - from_namespace: - description: - - Namespace of the referent. - from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - from_uid: - description: - - UID of the referent. - aliases: - - uid - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - last_version: - description: - - lastVersion (optional) is the LastVersion of the BuildConfig that was used to - generate the build. If the BuildConfig in the generator doesn't match, a build - will not be generated. - type: int - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - revision_git_author_email: - description: - - email of the source control user - aliases: - - email - revision_git_author_name: - description: - - name of the source control user - revision_git_commit: - description: - - commit is the commit hash identifying a specific commit - aliases: - - commit - revision_git_committer_email: - description: - - email of the source control user - revision_git_committer_name: - description: - - name of the source control user - revision_git_message: - description: - - message is the description of a specific commit - aliases: - - message - revision_type: - description: - - type of the build source, may be one of 'Source', 'Dockerfile', 'Binary', or - 'Images' - aliases: - - type - source_strategy_options_incremental: - description: - - incremental overrides the source-strategy incremental option in the build config - aliases: - - incremental - type: bool - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - triggered_by: - description: - - triggeredBy describes which triggers started the most recent update to the build - configuration and contains information about those triggers. - type: list - triggered_by_image_api_version: - description: - - API version of the referent. - triggered_by_image_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - triggered_by_image_kind: - description: - - Kind of the referent. - triggered_by_image_name: - description: - - Name of the referent. - triggered_by_image_namespace: - description: - - Namespace of the referent. - triggered_by_image_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - triggered_by_image_uid: - description: - - UID of the referent. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -build_request: - type: complex - returned: on success - contains: - from: - description: - - from is the reference to the ImageStreamTag that triggered the build. - type: complex - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - binary: - description: - - binary indicates a request to build from a binary provided to the builder - type: complex - docker_strategy_options: - description: - - DockerStrategyOptions contains additional docker-strategy specific options - for the build - type: complex - env: - description: - - env contains additional environment variables you want to pass into a builder - container. - type: list - contains: - name: - description: - - Name of the environment variable. Must be a C_IDENTIFIER. - type: str - value: - description: - - 'Variable references $(VAR_NAME) are expanded using the previous defined - environment variables in the container and any service environment variables. - If a variable cannot be resolved, the reference in the input string will - be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, - ie: $$(VAR_NAME). Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' - type: str - value_from: - description: - - Source for the environment variable's value. Cannot be used if value is - not empty. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - last_version: - description: - - lastVersion (optional) is the LastVersion of the BuildConfig that was used - to generate the build. If the BuildConfig in the generator doesn't match, - a build will not be generated. - type: int - metadata: - description: - - metadata for BuildRequest. - type: complex - revision: - description: - - revision is the information from the source for a specific repo snapshot. - type: complex - source_strategy_options: - description: - - SourceStrategyOptions contains additional source-strategy specific options - for the build - type: complex - triggered_by: - description: - - triggeredBy describes which triggers started the most recent update to the - build configuration and contains information about those triggers. - type: list - contains: - bitbucket_web_hook: - description: - - BitbucketWebHook represents data for a Bitbucket webhook that fired a - specific build. - type: complex - generic_web_hook: - description: - - genericWebHook holds data about a builds generic webhook trigger. - type: complex - github_web_hook: - description: - - gitHubWebHook represents data for a GitHub webhook that fired a specific - build. - type: complex - gitlab_web_hook: - description: - - GitLabWebHook represents data for a GitLab webhook that fired a specific - build. - type: complex - image_change_build: - description: - - imageChangeBuild stores information about an imagechange event that triggered - a new build. - type: complex - message: - description: - - 'message is used to store a human readable message for why the build was - triggered. E.g.: "Manually triggered by user", "Configuration change",etc.' - type: str - triggered_by_image: - description: - - triggeredByImage is the Image that triggered this build. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('build_request', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_network.py b/library/openshift_v1_cluster_network.py deleted file mode 100644 index b98429f4..00000000 --- a/library/openshift_v1_cluster_network.py +++ /dev/null @@ -1,214 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_network -short_description: OpenShift ClusterNetwork -description: -- Manage the lifecycle of a cluster_network object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - cluster_networks: - description: - - ClusterNetworks is a list of ClusterNetwork objects that defines the global - overlay network's L3 space by specifying a set of CIDR and netmasks that the - SDN can allocate addressed from. - type: list - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - hostsubnetlength: - description: - - HostSubnetLength is the number of bits of network to allocate to each node. - eg, 8 would mean that each node would have a /24 slice of the overlay network - for its pods - type: int - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - network: - description: - - Network is a CIDR string specifying the global overlay network's L3 space - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - plugin_name: - description: - - PluginName is the name of the network plugin being used - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - service_network: - description: - - ServiceNetwork is the CIDR range that Service IP addresses are allocated from - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_network: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - cluster_networks: - description: - - ClusterNetworks is a list of ClusterNetwork objects that defines the global - overlay network's L3 space by specifying a set of CIDR and netmasks that the - SDN can allocate addressed from. - type: list - contains: - cidr: - description: - - CIDR defines the total range of a cluster networks address space. - type: str - host_subnet_length: - description: - - HostSubnetLength is the number of bits of the accompanying CIDR address - to allocate to each node. eg, 8 would mean that each node would have a - /24 slice of the overlay network for its pods. - type: int - hostsubnetlength: - description: - - HostSubnetLength is the number of bits of network to allocate to each node. - eg, 8 would mean that each node would have a /24 slice of the overlay network - for its pods - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - network: - description: - - Network is a CIDR string specifying the global overlay network's L3 space - type: str - plugin_name: - description: - - PluginName is the name of the network plugin being used - type: str - service_network: - description: - - ServiceNetwork is the CIDR range that Service IP addresses are allocated from - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_network', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_network_list.py b/library/openshift_v1_cluster_network_list.py deleted file mode 100644 index 52edabec..00000000 --- a/library/openshift_v1_cluster_network_list.py +++ /dev/null @@ -1,193 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_network_list -short_description: OpenShift ClusterNetworkList -description: -- Retrieve a list of cluster_networks. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_network_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of cluster networks - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - cluster_networks: - description: - - ClusterNetworks is a list of ClusterNetwork objects that defines the global - overlay network's L3 space by specifying a set of CIDR and netmasks that - the SDN can allocate addressed from. - type: list - contains: - cidr: - description: - - CIDR defines the total range of a cluster networks address space. - type: str - host_subnet_length: - description: - - HostSubnetLength is the number of bits of the accompanying CIDR address - to allocate to each node. eg, 8 would mean that each node would have - a /24 slice of the overlay network for its pods. - type: int - hostsubnetlength: - description: - - HostSubnetLength is the number of bits of network to allocate to each - node. eg, 8 would mean that each node would have a /24 slice of the overlay - network for its pods - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - network: - description: - - Network is a CIDR string specifying the global overlay network's L3 space - type: str - plugin_name: - description: - - PluginName is the name of the network plugin being used - type: str - service_network: - description: - - ServiceNetwork is the CIDR range that Service IP addresses are allocated - from - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_network_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_resource_quota.py b/library/openshift_v1_cluster_resource_quota.py deleted file mode 100644 index 2a86339b..00000000 --- a/library/openshift_v1_cluster_resource_quota.py +++ /dev/null @@ -1,201 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_resource_quota -short_description: OpenShift ClusterResourceQuota -description: -- Manage the lifecycle of a cluster_resource_quota object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_quota_hard: - description: - - Hard is the set of desired hard limits for each named resource. - aliases: - - quota_hard - type: dict - spec_quota_scopes: - description: - - A collection of filters that must match each object tracked by a quota. If not - specified, the quota matches all objects. - aliases: - - quota_scopes - type: list - spec_selector_annotations: - description: - - AnnotationSelector is used to select projects by annotation. - aliases: - - selector_annotations - type: dict - spec_selector_labels_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_labels_match_expressions - type: list - spec_selector_labels_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_labels_match_labels - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_resource_quota: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_resource_quota', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_resource_quota_list.py b/library/openshift_v1_cluster_resource_quota_list.py deleted file mode 100644 index 19271697..00000000 --- a/library/openshift_v1_cluster_resource_quota_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_resource_quota_list -short_description: OpenShift ClusterResourceQuotaList -description: -- Retrieve a list of cluster_resource_quotas. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_resource_quota_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterResourceQuotas - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the desired quota - type: complex - status: - description: - - Status defines the actual enforced quota and its current usage - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_resource_quota_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role.py b/library/openshift_v1_cluster_role.py deleted file mode 100644 index e0aeb67e..00000000 --- a/library/openshift_v1_cluster_role.py +++ /dev/null @@ -1,222 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role -short_description: OpenShift ClusterRole -description: -- Manage the lifecycle of a cluster_role object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - aggregation_rule_cluster_role_selectors: - description: - - ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles - and create the rules. If any of the selectors match, then the ClusterRole's - permissions will be added - aliases: - - cluster_role_selectors - type: list - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role: - type: complex - returned: when I(state) = C(present) - contains: - aggregation_rule: - description: - - AggregationRule is an optional field that describes how to build the Rules - for this ClusterRole. If AggregationRule is set, then the Rules are controller - managed and direct changes to Rules will be stomped by the controller. - type: complex - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - this field is empty, then both kubernetes and origin API groups are assumed. - That means that if an action is requested against one of the enumerated - resources in either the kubernetes or the origin API group, the request - will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle the - AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the path - This name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role_binding.py b/library/openshift_v1_cluster_role_binding.py deleted file mode 100644 index 511e340f..00000000 --- a/library/openshift_v1_cluster_role_binding.py +++ /dev/null @@ -1,281 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role_binding -short_description: OpenShift ClusterRoleBinding -description: -- Manage the lifecycle of a cluster_role_binding object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_version: - description: - - API version of the referent. - aliases: - - api_version - role_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - role_ref_kind: - description: - - Kind of the referent. - aliases: - - kind - role_ref_name: - description: - - Name of the referent. - role_ref_namespace: - description: - - Namespace of the referent. - role_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - role_ref_uid: - description: - - UID of the referent. - aliases: - - uid - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is ignored - if UserNames or GroupNames are specified to support legacy clients and servers. - Thus newer clients that do not need to support backwards compatibility should - send only fully qualified Subjects and should omit the UserNames and GroupNames - fields. Clients that need to support backwards compatibility can use this field - to build the UserNames and GroupNames. - type: list - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the ClusterRoleRef cannot be resolved, the Authorizer must return an error. - Since Policy is a singleton, this is sufficient knowledge to locate a role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is - ignored if UserNames or GroupNames are specified to support legacy clients - and servers. Thus newer clients that do not need to support backwards compatibility - should send only fully qualified Subjects and should omit the UserNames and - GroupNames fields. Clients that need to support backwards compatibility can - use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this - string should contain a valid JSON/Go field access statement, such as - desiredState.manifest.containers[2]. For example, if the object reference - is to a container within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role_binding', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role_binding_list.py b/library/openshift_v1_cluster_role_binding_list.py deleted file mode 100644 index bdf0ee23..00000000 --- a/library/openshift_v1_cluster_role_binding_list.py +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role_binding_list -short_description: OpenShift ClusterRoleBindingList -description: -- Retrieve a list of cluster_role_bindings. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the ClusterRoleRef cannot be resolved, the Authorizer must return an - error. Since Policy is a singleton, this is sufficient knowledge to locate - a role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field - is ignored if UserNames or GroupNames are specified to support legacy - clients and servers. Thus newer clients that do not need to support backwards - compatibility should send only fully qualified Subjects and should omit - the UserNames and GroupNames fields. Clients that need to support backwards - compatibility can use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, - this string should contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For example, if the object - reference is to a container within a pod, this would take on a value - like: "spec.containers{name}" (where "name" refers to the name of - the container that triggered the event) or if no container name is - specified "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way of referencing - a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role_binding_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_cluster_role_list.py b/library/openshift_v1_cluster_role_list.py deleted file mode 100644 index 882493fc..00000000 --- a/library/openshift_v1_cluster_role_list.py +++ /dev/null @@ -1,210 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_cluster_role_list -short_description: OpenShift ClusterRoleList -description: -- Retrieve a list of cluster_roles. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -cluster_role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of ClusterRoles - type: list - contains: - aggregation_rule: - description: - - AggregationRule is an optional field that describes how to build the Rules - for this ClusterRole. If AggregationRule is set, then the Rules are controller - managed and direct changes to Rules will be stomped by the controller. - type: complex - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this ClusterRole - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If this field is empty, then both kubernetes and origin API groups - are assumed. That means that if an action is requested against one - of the enumerated resources in either the kubernetes or the origin - API group, the request will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle - the AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the - path This name is intentionally different than the internal type so - that the DefaultConvert works nicely and because the ordering may - be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('cluster_role_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_controller_revision.py b/library/openshift_v1_controller_revision.py deleted file mode 100644 index 176c1891..00000000 --- a/library/openshift_v1_controller_revision.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_controller_revision -short_description: OpenShift ControllerRevision -description: -- Manage the lifecycle of a controller_revision object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - data_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('controller_revision', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_controller_revision_list.py b/library/openshift_v1_controller_revision_list.py deleted file mode 100644 index 637b0748..00000000 --- a/library/openshift_v1_controller_revision_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_controller_revision_list -short_description: OpenShift ControllerRevisionList -description: -- Retrieve a list of controller_revisions. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -controller_revision_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of ControllerRevisions - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - data: - description: - - Data is the serialized representation of the state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - revision: - description: - - Revision indicates the revision of the state represented by Data. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('controller_revision_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_daemon_set.py b/library/openshift_v1_daemon_set.py deleted file mode 100644 index 2b8c3e51..00000000 --- a/library/openshift_v1_daemon_set.py +++ /dev/null @@ -1,542 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_daemon_set -short_description: OpenShift DaemonSet -description: -- Manage the lifecycle of a daemon_set object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - The minimum number of seconds for which a newly created DaemonSet pod should - be ready without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready). - aliases: - - min_ready_seconds - type: int - spec_revision_history_limit: - description: - - The number of old history to retain to allow rollback. This is a pointer to - distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_max_unavailable: - description: - - 'The maximum number of DaemonSet pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet - pods at the start of the update (ex: 10%). Absolute number is calculated from - percentage by rounding up. This cannot be 0. Default value is 1. Example: when - this is set to 30%, at most 30% of the total number of nodes that should be - running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods - stopped for an update at any given time. The update starts by stopping at most - 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. - Once the new pods are available, it then proceeds onto other DaemonSet pods, - thus ensuring that at least 70% of original number of DaemonSet pods are available - at all times during the update.' - aliases: - - update_strategy_rolling_update_max_unavailable - type: object - spec_update_strategy_type: - description: - - Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is - RollingUpdate. - aliases: - - update_strategy_type - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by some - window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('daemon_set', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_daemon_set_list.py b/library/openshift_v1_daemon_set_list.py deleted file mode 100644 index f453dddc..00000000 --- a/library/openshift_v1_daemon_set_list.py +++ /dev/null @@ -1,166 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_daemon_set_list -short_description: OpenShift DaemonSetList -description: -- Retrieve a list of daemon_sets. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -daemon_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - A list of daemon sets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - The desired behavior of this daemon set. - type: complex - status: - description: - - The current status of this daemon set. This data may be out of date by - some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('daemon_set_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment.py b/library/openshift_v1_deployment.py deleted file mode 100644 index 22d2da00..00000000 --- a/library/openshift_v1_deployment.py +++ /dev/null @@ -1,606 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment -short_description: OpenShift Deployment -description: -- Manage the lifecycle of a deployment object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Indicates that the deployment is paused. - aliases: - - paused - type: bool - spec_progress_deadline_seconds: - description: - - The maximum time in seconds for a deployment to make progress before it is considered - to be failed. The deployment controller will continue to process failed deployments - and a condition with a ProgressDeadlineExceeded reason will be surfaced in the - deployment status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - aliases: - - progress_deadline_seconds - type: int - spec_replicas: - description: - - Number of desired pods. This is a pointer to distinguish between explicit zero - and not specified. Defaults to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - The number of old ReplicaSets to retain to allow rollback. This is a pointer - to distinguish between explicit zero and not specified. Defaults to 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_strategy_active_deadline_seconds: - description: - - ActiveDeadlineSeconds is the duration in seconds that the deployer pods for - this deployment config may be active on a node before the system actively tries - to terminate them. - aliases: - - strategy_active_deadline_seconds - type: int - spec_strategy_annotations: - description: - - Annotations is a set of key, value pairs added to custom deployer and lifecycle - pre/post hook pods. - aliases: - - strategy_annotations - type: dict - spec_strategy_custom_params: - description: - - When C(spec_strategy_type) is I(Custom), provide a mapping of 'key:value' settings. - aliases: - - strategy_custom_params - type: dict - spec_strategy_labels: - description: - - Labels is a set of key, value pairs added to custom deployer and lifecycle pre/post - hook pods. - aliases: - - strategy_labels - type: dict - spec_strategy_recreate_params: - description: - - When C(spec_strategy_type) is I(Recreate), provide a mapping of 'key:value' - settings. - aliases: - - strategy_recreate_params - type: dict - spec_strategy_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - strategy_resources_limits - type: dict - spec_strategy_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - strategy_resources_requests - type: dict - spec_strategy_rolling_params: - description: - - When C(spec_strategy_type) is I(Rolling), provide a mapping of 'key:value' settings. - aliases: - - strategy_rolling_params - type: dict - spec_strategy_type: - description: - - Type is the name of a deployment strategy. - choices: - - Rolling - - Custom - - Recreate - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_config.py b/library/openshift_v1_deployment_config.py deleted file mode 100644 index 5ad45ab4..00000000 --- a/library/openshift_v1_deployment_config.py +++ /dev/null @@ -1,687 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_config -short_description: OpenShift DeploymentConfig -description: -- Manage the lifecycle of a deployment_config object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - MinReadySeconds is the minimum number of seconds for which a newly created pod - should be ready without any of its container crashing, for it to be considered - available. Defaults to 0 (pod will be considered available as soon as it is - ready) - aliases: - - min_ready_seconds - type: int - spec_paused: - description: - - Paused indicates that the deployment config is paused resulting in no new deployments - on template changes or changes in the template caused by other triggers. - aliases: - - paused - type: bool - spec_replicas: - description: - - Replicas is the number of desired replicas. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - RevisionHistoryLimit is the number of old ReplicationControllers to retain to - allow for rollbacks. This field is a pointer to allow for differentiation between - an explicit zero and not specified. Defaults to 10. (This only applies to DeploymentConfigs - created via the new group API resource, not the legacy resource.) - aliases: - - revision_history_limit - type: int - spec_selector: - description: - - Selector is a label query over pods that should match the Replicas count. - aliases: - - selector - type: dict - spec_strategy_active_deadline_seconds: - description: - - ActiveDeadlineSeconds is the duration in seconds that the deployer pods for - this deployment config may be active on a node before the system actively tries - to terminate them. - aliases: - - strategy_active_deadline_seconds - type: int - spec_strategy_annotations: - description: - - Annotations is a set of key, value pairs added to custom deployer and lifecycle - pre/post hook pods. - aliases: - - strategy_annotations - type: dict - spec_strategy_custom_params: - description: - - When C(spec_strategy_type) is I(Custom), provide a mapping of 'key:value' settings. - aliases: - - strategy_custom_params - type: dict - spec_strategy_labels: - description: - - Labels is a set of key, value pairs added to custom deployer and lifecycle pre/post - hook pods. - aliases: - - strategy_labels - type: dict - spec_strategy_recreate_params: - description: - - When C(spec_strategy_type) is I(Recreate), provide a mapping of 'key:value' - settings. - aliases: - - strategy_recreate_params - type: dict - spec_strategy_resources_limits: - description: - - Limits describes the maximum amount of compute resources allowed. - aliases: - - strategy_resources_limits - type: dict - spec_strategy_resources_requests: - description: - - Requests describes the minimum amount of compute resources required. If Requests - is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. - aliases: - - strategy_resources_requests - type: dict - spec_strategy_rolling_params: - description: - - When C(spec_strategy_type) is I(Rolling), provide a mapping of 'key:value' settings. - aliases: - - strategy_rolling_params - type: dict - spec_strategy_type: - description: - - Type is the name of a deployment strategy. - choices: - - Rolling - - Custom - - Recreate - aliases: - - strategy_type - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_test: - description: - - Test ensures that this deployment config will have zero replicas except while - a deployment is running. This allows the deployment config to be used as a continuous - deployment test - triggering on images, running the deployment, and then succeeding - or failing. Post strategy hooks and After actions can be used to integrate successful - deployment with an action. - aliases: - - test - type: bool - spec_triggers: - description: - - Triggers determine how updates to a DeploymentConfig result in new deployments. - If no triggers are defined, a new deployment can only occur as a result of an - explicit client update to the DeploymentConfig with a new LatestVersion. If - null, defaults to having a config change trigger. - aliases: - - triggers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -- name: Create deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: present - spec_template_metadata_labels: - name: frontend - containers: - - name: helloworld - image: openshift/origin-ruby-sample - ports: - - container_port: 8080 - protocol: TCP - name: http-port - replicas: 5 - selector: - name: frontend - triggers: - - type: ConfigChange - - type: ImageChange - image_change_params: - automatic: true - container_names: - - helloworld - _from: - kind: ImageStreamTag - name: origin-ruby-sample:latest - strategy_type: Rolling - -- name: Patch deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: present - spec_template_metadata_labels: - name: frontend - containers: - - name: helloworld - image: openshift/origin-ruby-sample:v1.0 - ports: - - container_port: 9000 - protocol: UDP - name: udp-port - replicas: 3 - -- name: Replace deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: replaced - spec_template_metadata_labels: - name: frontend_app - containers: - - name: helloworld - image: openshift/origin-ruby-sample:v2 - ports: - - container_port: 8888 - protocol: TCP - name: http-port - replicas: 2 - selector: - name: frontend_app - triggers: - - type: ConfigChange - - type: ImageChange - image_change_params: - automatic: true - container_names: - - helloworld - _from: - kind: ImageStreamTag - name: origin-ruby-sample:v2 - strategy_type: Rolling - -- name: Remove deployment config - openshift_v1_deployment_config.yml: - name: frontend - namespace: k8s-project - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_config: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec represents a desired deployment state and how to deploy to it. - type: complex - status: - description: - - Status represents the current deployment state. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_config', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_config_list.py b/library/openshift_v1_deployment_config_list.py deleted file mode 100644 index 8d0db2e6..00000000 --- a/library/openshift_v1_deployment_config_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_config_list -short_description: OpenShift DeploymentConfigList -description: -- Retrieve a list of deployment_configs. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_config_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of deployment configs - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec represents a desired deployment state and how to deploy to it. - type: complex - status: - description: - - Status represents the current deployment state. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_config_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_config_rollback.py b/library/openshift_v1_deployment_config_rollback.py deleted file mode 100644 index 2d1d6c4e..00000000 --- a/library/openshift_v1_deployment_config_rollback.py +++ /dev/null @@ -1,200 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_config_rollback -short_description: OpenShift DeploymentConfigRollback -description: -- Manage the lifecycle of a deployment_config_rollback object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - name: - description: - - Name of the deployment config that will be rolled back. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_from_api_version: - description: - - API version of the referent. - aliases: - - from_api_version - spec_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - from_field_path - spec_from_kind: - description: - - Kind of the referent. - aliases: - - from_kind - spec_from_name: - description: - - Name of the referent. - aliases: - - from_name - spec_from_namespace: - description: - - Namespace of the referent. - aliases: - - from_namespace - spec_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - from_resource_version - spec_from_uid: - description: - - UID of the referent. - aliases: - - from_uid - spec_include_replication_meta: - description: - - IncludeReplicationMeta specifies whether to include the replica count and selector. - aliases: - - include_replication_meta - type: bool - spec_include_strategy: - description: - - IncludeStrategy specifies whether to include the deployment Strategy. - aliases: - - include_strategy - type: bool - spec_include_template: - description: - - IncludeTemplate specifies whether to include the PodTemplateSpec. - aliases: - - include_template - type: bool - spec_include_triggers: - description: - - IncludeTriggers specifies whether to include config Triggers. - aliases: - - include_triggers - type: bool - spec_revision: - description: - - Revision to rollback to. If set to 0, rollback to the last revision. - aliases: - - revision - type: int - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - updated_annotations: - description: - - UpdatedAnnotations is a set of new annotations that will be added in the deployment - config. - type: dict - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_config_rollback: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - name: - description: - - Name of the deployment config that will be rolled back. - type: str - spec: - description: - - Spec defines the options to rollback generation. - type: complex - updated_annotations: - description: - - UpdatedAnnotations is a set of new annotations that will be added in the deployment - config. - type: complex - contains: str, str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_config_rollback', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_deployment_list.py b/library/openshift_v1_deployment_list.py deleted file mode 100644 index efcd8ce7..00000000 --- a/library/openshift_v1_deployment_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_deployment_list -short_description: OpenShift DeploymentList -description: -- Retrieve a list of deployments. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -deployment_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of Deployments. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - Specification of the desired behavior of the Deployment. - type: complex - status: - description: - - Most recently observed status of the Deployment. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('deployment_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_egress_network_policy.py b/library/openshift_v1_egress_network_policy.py deleted file mode 100644 index 7bbc6ccf..00000000 --- a/library/openshift_v1_egress_network_policy.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_egress_network_policy -short_description: OpenShift EgressNetworkPolicy -description: -- Manage the lifecycle of a egress_network_policy object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_egress: - description: - - egress contains the list of egress policy rules - aliases: - - egress - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -egress_network_policy: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for EgressNetworkPolicy - type: complex - spec: - description: - - spec is the specification of the current egress network policy - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('egress_network_policy', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_egress_network_policy_list.py b/library/openshift_v1_egress_network_policy_list.py deleted file mode 100644 index a10cd014..00000000 --- a/library/openshift_v1_egress_network_policy_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_egress_network_policy_list -short_description: OpenShift EgressNetworkPolicyList -description: -- Retrieve a list of egress_network_policys. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -egress_network_policy_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is the list of policies - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - metadata for EgressNetworkPolicy - type: complex - spec: - description: - - spec is the specification of the current egress network policy - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - metadata for EgressNetworkPolicyList - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('egress_network_policy_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_group.py b/library/openshift_v1_group.py deleted file mode 100644 index 4f9cfa00..00000000 --- a/library/openshift_v1_group.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_group -short_description: OpenShift Group -description: -- Manage the lifecycle of a group object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - users: - description: - - Users is the list of users in this group. - type: list - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -group: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - users: - description: - - Users is the list of users in this group. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('group', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_group_list.py b/library/openshift_v1_group_list.py deleted file mode 100644 index 9d93bc35..00000000 --- a/library/openshift_v1_group_list.py +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_group_list -short_description: OpenShift GroupList -description: -- Retrieve a list of groups. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -group_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of groups - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - users: - description: - - Users is the list of users in this group. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('group_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_host_subnet.py b/library/openshift_v1_host_subnet.py deleted file mode 100644 index b600f4f0..00000000 --- a/library/openshift_v1_host_subnet.py +++ /dev/null @@ -1,193 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_host_subnet -short_description: OpenShift HostSubnet -description: -- Manage the lifecycle of a host_subnet object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - egress_i_ps: - description: - - EgressIPs is the list of automatic egress IP addresses currently hosted by this - node - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Host is the name of the node. (This is the same as the object's name, but both - fields must be set.) - host_ip: - description: - - HostIP is the IP address to be used as a VTEP by other nodes in the overlay - network - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subnet: - description: - - Subnet is the CIDR range of the overlay network assigned to the node for its - pods - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -host_subnet: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is the list of automatic egress IP addresses currently hosted by - this node - type: list - contains: str - host: - description: - - Host is the name of the node. (This is the same as the object's name, but - both fields must be set.) - type: str - host_ip: - description: - - HostIP is the IP address to be used as a VTEP by other nodes in the overlay - network - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subnet: - description: - - Subnet is the CIDR range of the overlay network assigned to the node for its - pods - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('host_subnet', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_host_subnet_list.py b/library/openshift_v1_host_subnet_list.py deleted file mode 100644 index 12ff372f..00000000 --- a/library/openshift_v1_host_subnet_list.py +++ /dev/null @@ -1,178 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_host_subnet_list -short_description: OpenShift HostSubnetList -description: -- Retrieve a list of host_subnets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -host_subnet_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of host subnets - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is the list of automatic egress IP addresses currently hosted - by this node - type: list - contains: str - host: - description: - - Host is the name of the node. (This is the same as the object's name, - but both fields must be set.) - type: str - host_ip: - description: - - HostIP is the IP address to be used as a VTEP by other nodes in the overlay - network - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - subnet: - description: - - Subnet is the CIDR range of the overlay network assigned to the node for - its pods - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('host_subnet_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_identity.py b/library/openshift_v1_identity.py deleted file mode 100644 index 397e8b6d..00000000 --- a/library/openshift_v1_identity.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_identity -short_description: OpenShift Identity -description: -- Manage the lifecycle of a identity object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - extra: - description: - - Extra holds extra information about this identity - type: dict - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - provider_name: - description: - - ProviderName is the source of identity information - provider_user_name: - description: - - ProviderUserName uniquely represents this identity in the scope of the provider - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_api_version: - description: - - API version of the referent. - aliases: - - api_version - user_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - user_kind: - description: - - Kind of the referent. - aliases: - - kind - user_name: - description: - - Name of the referent. - user_namespace: - description: - - Namespace of the referent. - user_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - user_uid: - description: - - UID of the referent. - aliases: - - uid - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -identity: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - extra: - description: - - Extra holds extra information about this identity - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - provider_name: - description: - - ProviderName is the source of identity information - type: str - provider_user_name: - description: - - ProviderUserName uniquely represents this identity in the scope of the provider - type: str - user: - description: - - User is a reference to the user this identity is associated with Both Name - and UID must be set - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('identity', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_identity_list.py b/library/openshift_v1_identity_list.py deleted file mode 100644 index 14d3bb2b..00000000 --- a/library/openshift_v1_identity_list.py +++ /dev/null @@ -1,176 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_identity_list -short_description: OpenShift IdentityList -description: -- Retrieve a list of identitys. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -identity_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of identities - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - extra: - description: - - Extra holds extra information about this identity - type: complex - contains: str, str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - provider_name: - description: - - ProviderName is the source of identity information - type: str - provider_user_name: - description: - - ProviderUserName uniquely represents this identity in the scope of the - provider - type: str - user: - description: - - User is a reference to the user this identity is associated with Both - Name and UID must be set - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('identity_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image.py b/library/openshift_v1_image.py deleted file mode 100644 index cd8fd79e..00000000 --- a/library/openshift_v1_image.py +++ /dev/null @@ -1,332 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image -short_description: OpenShift Image -description: -- Manage the lifecycle of a image object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - type: list - docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - raw - docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - signatures: - description: - - Signatures holds all signatures of the image. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - type: str - docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - type: list - contains: - media_type: - description: - - MediaType of the referenced object. - type: str - name: - description: - - Name of the layer as defined by the underlying store. - type: str - size: - description: - - Size of the layer in bytes as defined by the underlying store. - type: int - docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - type: str - docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is - a part of manifest schema v2. - type: str - docker_image_metadata: - description: - - DockerImageMetadata contains metadata about this image - type: complex - docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - type: str - docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - type: str - docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signatures: - description: - - Signatures holds all signatures of the image. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - conditions: - description: - - Conditions represent the latest available observations of a signature's - current state. - type: list - contains: - last_probe_time: - description: - - Last time the condition was checked. - type: complex - contains: {} - last_transition_time: - description: - - Last time the condition transit from one status to another. - type: complex - contains: {} - message: - description: - - Human readable message indicating details about last transition. - type: str - reason: - description: - - (brief) reason for the condition's last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of signature condition, Complete or Failed. - type: str - content: - description: - - "Required: An opaque binary string which is an image's signature." - type: str - created: - description: - - If specified, it is the time of signature's creation. - type: complex - contains: {} - image_identity: - description: - - A human readable string representing image's identity. It could be a product - name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - type: str - issued_by: - description: - - If specified, it holds information about an issuer of signing certificate - or key (a person or entity who signed the signing certificate or key). - type: complex - issued_to: - description: - - If specified, it holds information about a subject of signing certificate - or key (a person or entity who signed the image). - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signed_claims: - description: - - Contains claims from the signature. - type: complex - contains: str, str - type: - description: - - 'Required: Describes a type of stored blob.' - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_list.py b/library/openshift_v1_image_list.py deleted file mode 100644 index d90f486e..00000000 --- a/library/openshift_v1_image_list.py +++ /dev/null @@ -1,294 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_list -short_description: OpenShift ImageList -description: -- Retrieve a list of images. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of images - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - type: str - docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if - the image does not define that data. - type: list - contains: - media_type: - description: - - MediaType of the referenced object. - type: str - name: - description: - - Name of the layer as defined by the underlying store. - type: str - size: - description: - - Size of the layer in bytes as defined by the underlying store. - type: int - docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - type: str - docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This - is a part of manifest schema v2. - type: str - docker_image_metadata: - description: - - DockerImageMetadata contains metadata about this image - type: complex - docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if - empty defaults to "1.0" - type: str - docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - type: str - docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is - a part of manifest schema v1. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signatures: - description: - - Signatures holds all signatures of the image. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of - an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. - type: str - conditions: - description: - - Conditions represent the latest available observations of a signature's - current state. - type: list - contains: - last_probe_time: - description: - - Last time the condition was checked. - type: complex - contains: {} - last_transition_time: - description: - - Last time the condition transit from one status to another. - type: complex - contains: {} - message: - description: - - Human readable message indicating details about last transition. - type: str - reason: - description: - - (brief) reason for the condition's last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of signature condition, Complete or Failed. - type: str - content: - description: - - "Required: An opaque binary string which is an image's signature." - type: str - created: - description: - - If specified, it is the time of signature's creation. - type: complex - contains: {} - image_identity: - description: - - A human readable string representing image's identity. It could be - a product name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - type: str - issued_by: - description: - - If specified, it holds information about an issuer of signing certificate - or key (a person or entity who signed the signing certificate or key). - type: complex - issued_to: - description: - - If specified, it holds information about a subject of signing certificate - or key (a person or entity who signed the image). - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object - represents. Servers may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signed_claims: - description: - - Contains claims from the signature. - type: complex - contains: str, str - type: - description: - - 'Required: Describes a type of stored blob.' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_signature.py b/library/openshift_v1_image_signature.py deleted file mode 100644 index 8d679239..00000000 --- a/library/openshift_v1_image_signature.py +++ /dev/null @@ -1,268 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_signature -short_description: OpenShift ImageSignature -description: -- Manage the lifecycle of a image_signature object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - conditions: - description: - - Conditions represent the latest available observations of a signature's current - state. - type: list - content: - description: - - "Required: An opaque binary string which is an image's signature." - context: - description: - - The name of a context found in the Kubernetes config file. - created: - description: - - If specified, it is the time of signature's creation. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_identity: - description: - - A human readable string representing image's identity. It could be a product - name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - issued_by_common_name: - description: - - Common name (e.g. openshift-signing-service). - aliases: - - common_name - issued_by_organization: - description: - - Organization name. - aliases: - - organization - issued_to_common_name: - description: - - Common name (e.g. openshift-signing-service). - issued_to_organization: - description: - - Organization name. - issued_to_public_key_id: - description: - - If present, it is a human readable key id of public key belonging to the subject - used to verify image signature. It should contain at least 64 lowest bits of - public key's fingerprint (e.g. 0x685ebe62bf278440). - aliases: - - public_key_id - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - signed_claims: - description: - - Contains claims from the signature. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - type: - description: - - 'Required: Describes a type of stored blob.' - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_signature: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - conditions: - description: - - Conditions represent the latest available observations of a signature's current - state. - type: list - contains: - last_probe_time: - description: - - Last time the condition was checked. - type: complex - contains: {} - last_transition_time: - description: - - Last time the condition transit from one status to another. - type: complex - contains: {} - message: - description: - - Human readable message indicating details about last transition. - type: str - reason: - description: - - (brief) reason for the condition's last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of signature condition, Complete or Failed. - type: str - content: - description: - - "Required: An opaque binary string which is an image's signature." - type: str - created: - description: - - If specified, it is the time of signature's creation. - type: complex - contains: {} - image_identity: - description: - - A human readable string representing image's identity. It could be a product - name and version, or an image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). - type: str - issued_by: - description: - - If specified, it holds information about an issuer of signing certificate - or key (a person or entity who signed the signing certificate or key). - type: complex - issued_to: - description: - - If specified, it holds information about a subject of signing certificate - or key (a person or entity who signed the image). - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - signed_claims: - description: - - Contains claims from the signature. - type: complex - contains: str, str - type: - description: - - 'Required: Describes a type of stored blob.' - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_signature', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream.py b/library/openshift_v1_image_stream.py deleted file mode 100644 index 5b607cd8..00000000 --- a/library/openshift_v1_image_stream.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream -short_description: OpenShift ImageStream -description: -- Manage the lifecycle of a image_stream object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_docker_image_repository: - description: - - 'dockerImageRepository is optional, if specified this stream is backed by a - Docker repository on this server Deprecated: This field is deprecated as of - v3.7 and will be removed in a future release. Specify the source for the tags - to be imported in each tag via the spec.tags.from reference instead.' - aliases: - - docker_image_repository - spec_lookup_policy_local: - description: - - local will change the docker short image references (like "mysql" or "php:latest") - on objects in this namespace to the image ID whenever they match this image - stream, instead of reaching out to a remote registry. The name will be fully - qualified to an image ID if found. The tag's referencePolicy is taken into account - on the replaced value. Only works within the current namespace. - aliases: - - lookup_policy_local - type: bool - spec_tags: - description: - - tags map arbitrary string values to specific image locators - aliases: - - tags - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec describes the desired state of this stream - type: complex - status: - description: - - Status describes the current state of this stream - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_image.py b/library/openshift_v1_image_stream_image.py deleted file mode 100644 index 2c023559..00000000 --- a/library/openshift_v1_image_stream_image.py +++ /dev/null @@ -1,228 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_image -short_description: OpenShift ImageStreamImage -description: -- Manage the lifecycle of a image_stream_image object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - image_docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - aliases: - - docker_image_config - image_docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - aliases: - - docker_image_layers - type: list - image_docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - aliases: - - docker_image_manifest - image_docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - aliases: - - docker_image_manifest_media_type - image_docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - image_docker_metadata_raw - image_docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - aliases: - - docker_image_metadata_version - image_docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - aliases: - - docker_image_reference - image_docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - aliases: - - docker_image_signatures - type: list - image_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - image_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - image_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - image_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - image_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - image_signatures: - description: - - Signatures holds all signatures of the image. - aliases: - - signatures - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_image: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - image: - description: - - Image associated with the ImageStream and image name. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_image', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_import.py b/library/openshift_v1_image_stream_import.py deleted file mode 100644 index 008d747f..00000000 --- a/library/openshift_v1_image_stream_import.py +++ /dev/null @@ -1,231 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_import -short_description: OpenShift ImageStreamImport -description: -- Manage the lifecycle of a image_stream_import object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_images: - description: - - Images are a list of individual images to import. - aliases: - - images - type: list - spec_import: - description: - - Import indicates whether to perform an import - if so, the specified tags are - set on the spec and status of the image stream defined by the type meta. - aliases: - - import - type: bool - spec_repository_from_api_version: - description: - - API version of the referent. - aliases: - - repository_from_api_version - spec_repository_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - repository_from_field_path - spec_repository_from_kind: - description: - - Kind of the referent. - aliases: - - repository_from_kind - spec_repository_from_name: - description: - - Name of the referent. - aliases: - - repository_from_name - spec_repository_from_namespace: - description: - - Namespace of the referent. - aliases: - - repository_from_namespace - spec_repository_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - repository_from_resource_version - spec_repository_from_uid: - description: - - UID of the referent. - aliases: - - repository_from_uid - spec_repository_import_policy_insecure: - description: - - Insecure is true if the server may bypass certificate verification or connect - directly over HTTP during image import. - aliases: - - repository_import_policy_insecure - type: bool - spec_repository_import_policy_scheduled: - description: - - Scheduled indicates to the server that this tag should be periodically checked - to ensure it is up to date, and imported - aliases: - - repository_import_policy_scheduled - type: bool - spec_repository_include_manifest: - description: - - IncludeManifest determines if the manifest for each image is returned in the - response - aliases: - - repository_include_manifest - type: bool - spec_repository_reference_policy_type: - description: - - Type determines how the image pull spec should be transformed when the image - stream tag is used in deployment config triggers or new builds. The default - value is `Source`, indicating the original location of the image should be used - (if imported). The user may also specify `Local`, indicating that the pull spec - should point to the integrated Docker registry and leverage the registry's ability - to proxy the pull to an upstream registry. `Local` allows the credentials used - to pull this image to be managed from the image stream's namespace, so others - on the platform can access a remote image but have no access to the remote secret. - It also allows the image layers to be mirrored into the local registry which - the images can still be pulled even if the upstream registry is unavailable. - aliases: - - repository_reference_policy_type - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_import: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec is a description of the images that the user wishes to import - type: complex - status: - description: - - Status is the the result of importing the image - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_import', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_list.py b/library/openshift_v1_image_stream_list.py deleted file mode 100644 index 2cf1ed9b..00000000 --- a/library/openshift_v1_image_stream_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_list -short_description: OpenShift ImageStreamList -description: -- Retrieve a list of image_streams. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of imageStreams - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec describes the desired state of this stream - type: complex - status: - description: - - Status describes the current state of this stream - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_mapping.py b/library/openshift_v1_image_stream_mapping.py deleted file mode 100644 index f11ff007..00000000 --- a/library/openshift_v1_image_stream_mapping.py +++ /dev/null @@ -1,235 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_mapping -short_description: OpenShift ImageStreamMapping -description: -- Manage the lifecycle of a image_stream_mapping object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - image_docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - aliases: - - docker_image_config - image_docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - aliases: - - docker_image_layers - type: list - image_docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - aliases: - - docker_image_manifest - image_docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - aliases: - - docker_image_manifest_media_type - image_docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - image_docker_metadata_raw - image_docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - aliases: - - docker_image_metadata_version - image_docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - aliases: - - docker_image_reference - image_docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - aliases: - - docker_image_signatures - type: list - image_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - image_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - image_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - image_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - image_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - image_signatures: - description: - - Signatures holds all signatures of the image. - aliases: - - signatures - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - tag: - description: - - Tag is a string value this image can be located with inside the stream. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_mapping: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - image: - description: - - Image is a Docker image. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - tag: - description: - - Tag is a string value this image can be located with inside the stream. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_mapping', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_tag.py b/library/openshift_v1_image_stream_tag.py deleted file mode 100644 index e276cde5..00000000 --- a/library/openshift_v1_image_stream_tag.py +++ /dev/null @@ -1,410 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_tag -short_description: OpenShift ImageStreamTag -description: -- Manage the lifecycle of a image_stream_tag object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - conditions: - description: - - conditions is an array of conditions that apply to the image stream tag. - type: list - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - generation: - description: - - generation is the current generation of the tagged image - if tag is provided - and this value is not equal to the tag generation, a user has requested an import - that has not completed, or conditions will be filled out indicating any error. - type: int - host: - description: - - Provide a URL for acessing the Kubernetes API. - image_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - image_docker_image_config: - description: - - DockerImageConfig is a JSON blob that the runtime uses to set up the container. - This is a part of manifest schema v2. - aliases: - - docker_image_config - image_docker_image_layers: - description: - - DockerImageLayers represents the layers in the image. May not be set if the - image does not define that data. - aliases: - - docker_image_layers - type: list - image_docker_image_manifest: - description: - - DockerImageManifest is the raw JSON of the manifest - aliases: - - docker_image_manifest - image_docker_image_manifest_media_type: - description: - - DockerImageManifestMediaType specifies the mediaType of manifest. This is a - part of manifest schema v2. - aliases: - - docker_image_manifest_media_type - image_docker_image_metadata_raw: - description: - - Raw is the underlying serialization of this object. - aliases: - - image_docker_metadata_raw - image_docker_image_metadata_version: - description: - - DockerImageMetadataVersion conveys the version of the object, which if empty - defaults to "1.0" - aliases: - - docker_image_metadata_version - image_docker_image_reference: - description: - - DockerImageReference is the string that can be used to pull this image. - aliases: - - docker_image_reference - image_docker_image_signatures: - description: - - DockerImageSignatures provides the signatures as opaque blobs. This is a part - of manifest schema v1. - aliases: - - docker_image_signatures - type: list - image_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - image_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - image_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - image_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - image_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - image_signatures: - description: - - Signatures holds all signatures of the image. - aliases: - - signatures - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - lookup_policy_local: - description: - - local will change the docker short image references (like "mysql" or "php:latest") - on objects in this namespace to the image ID whenever they match this image - stream, instead of reaching out to a remote registry. The name will be fully - qualified to an image ID if found. The tag's referencePolicy is taken into account - on the replaced value. Only works within the current namespace. - aliases: - - local - type: bool - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - tag_annotations: - description: - - Optional; if specified, annotations that are applied to images retrieved via - ImageStreamTags. - type: dict - tag_from_api_version: - description: - - API version of the referent. - tag_from_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - tag_from_kind: - description: - - Kind of the referent. - tag_from_name: - description: - - Name of the referent. - tag_from_namespace: - description: - - Namespace of the referent. - tag_from_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - tag_from_uid: - description: - - UID of the referent. - aliases: - - uid - tag_generation: - description: - - Generation is a counter that tracks mutations to the spec tag (user intent). - When a tag reference is changed the generation is set to match the current stream - generation (which is incremented every time spec is changed). Other processes - in the system like the image importer observe that the generation of spec tag - is newer than the generation recorded in the status and use that as a trigger - to import the newest remote tag. To trigger a new import, clients may set this - value to zero which will reset the generation to the latest stream generation. - Legacy clients will send this value as nil which will be merged with the current - tag generation. - type: int - tag_import_policy_insecure: - description: - - Insecure is true if the server may bypass certificate verification or connect - directly over HTTP during image import. - aliases: - - insecure - type: bool - tag_import_policy_scheduled: - description: - - Scheduled indicates to the server that this tag should be periodically checked - to ensure it is up to date, and imported - aliases: - - scheduled - type: bool - tag_name: - description: - - Name of the tag - tag_reference: - description: - - Reference states if the tag will be imported. Default value is false, which - means the tag will be imported. - aliases: - - reference - type: bool - tag_reference_policy_type: - description: - - Type determines how the image pull spec should be transformed when the image - stream tag is used in deployment config triggers or new builds. The default - value is `Source`, indicating the original location of the image should be used - (if imported). The user may also specify `Local`, indicating that the pull spec - should point to the integrated Docker registry and leverage the registry's ability - to proxy the pull to an upstream registry. `Local` allows the credentials used - to pull this image to be managed from the image stream's namespace, so others - on the platform can access a remote image but have no access to the remote secret. - It also allows the image layers to be mirrored into the local registry which - the images can still be pulled even if the upstream registry is unavailable. - aliases: - - type - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_tag: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - conditions: - description: - - conditions is an array of conditions that apply to the image stream tag. - type: list - contains: - generation: - description: - - Generation is the spec tag generation that this status corresponds to - type: int - last_transition_time: - description: - - LastTransitionTIme is the time the condition transitioned from one status - to another. - type: complex - contains: {} - message: - description: - - Message is a human readable description of the details about last transition, - complementing reason. - type: str - reason: - description: - - Reason is a brief machine readable explanation for the condition's last - transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of tag event condition, currently only ImportSuccess - type: str - generation: - description: - - generation is the current generation of the tagged image - if tag is provided - and this value is not equal to the tag generation, a user has requested an - import that has not completed, or conditions will be filled out indicating - any error. - type: int - image: - description: - - image associated with the ImageStream and tag. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - lookup_policy: - description: - - lookupPolicy indicates whether this tag will handle image references in this - namespace. - type: complex - metadata: - description: - - Standard object's metadata. - type: complex - tag: - description: - - tag is the spec tag associated with this image stream tag, and it may be null - if only pushes have occurred to this image stream. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_tag', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_image_stream_tag_list.py b/library/openshift_v1_image_stream_tag_list.py deleted file mode 100644 index 182c11df..00000000 --- a/library/openshift_v1_image_stream_tag_list.py +++ /dev/null @@ -1,212 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_image_stream_tag_list -short_description: OpenShift ImageStreamTagList -description: -- Retrieve a list of image_stream_tags. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -image_stream_tag_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of image stream tags - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - conditions: - description: - - conditions is an array of conditions that apply to the image stream tag. - type: list - contains: - generation: - description: - - Generation is the spec tag generation that this status corresponds - to - type: int - last_transition_time: - description: - - LastTransitionTIme is the time the condition transitioned from one - status to another. - type: complex - contains: {} - message: - description: - - Message is a human readable description of the details about last - transition, complementing reason. - type: str - reason: - description: - - Reason is a brief machine readable explanation for the condition's - last transition. - type: str - status: - description: - - Status of the condition, one of True, False, Unknown. - type: str - type: - description: - - Type of tag event condition, currently only ImportSuccess - type: str - generation: - description: - - generation is the current generation of the tagged image - if tag is provided - and this value is not equal to the tag generation, a user has requested - an import that has not completed, or conditions will be filled out indicating - any error. - type: int - image: - description: - - image associated with the ImageStream and tag. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - lookup_policy: - description: - - lookupPolicy indicates whether this tag will handle image references in - this namespace. - type: complex - metadata: - description: - - Standard object's metadata. - type: complex - tag: - description: - - tag is the spec tag associated with this image stream tag, and it may - be null if only pushes have occurred to this image stream. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('image_stream_tag_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_net_namespace.py b/library/openshift_v1_net_namespace.py deleted file mode 100644 index 5169d535..00000000 --- a/library/openshift_v1_net_namespace.py +++ /dev/null @@ -1,191 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_net_namespace -short_description: OpenShift NetNamespace -description: -- Manage the lifecycle of a net_namespace object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - egress_i_ps: - description: - - EgressIPs is a list of reserved IPs that will be used as the source for external - traffic coming from pods in this namespace. (If empty, external traffic will - be masqueraded to Node IPs.) - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - netid: - description: - - NetID is the network identifier of the network namespace assigned to each overlay - network packet. This can be manipulated with the "oc adm pod-network" commands. - type: int - netname: - description: - - NetName is the name of the network namespace. (This is the same as the object's - name, but both fields must be set.) - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -net_namespace: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is a list of reserved IPs that will be used as the source for external - traffic coming from pods in this namespace. (If empty, external traffic will - be masqueraded to Node IPs.) - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - netid: - description: - - NetID is the network identifier of the network namespace assigned to each - overlay network packet. This can be manipulated with the "oc adm pod-network" - commands. - type: int - netname: - description: - - NetName is the name of the network namespace. (This is the same as the object's - name, but both fields must be set.) - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('net_namespace', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_net_namespace_list.py b/library/openshift_v1_net_namespace_list.py deleted file mode 100644 index 5bf9b834..00000000 --- a/library/openshift_v1_net_namespace_list.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_net_namespace_list -short_description: OpenShift NetNamespaceList -description: -- Retrieve a list of net_namespaces. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -net_namespace_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of net namespaces - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - egress_i_ps: - description: - - EgressIPs is a list of reserved IPs that will be used as the source for - external traffic coming from pods in this namespace. (If empty, external - traffic will be masqueraded to Node IPs.) - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - netid: - description: - - NetID is the network identifier of the network namespace assigned to each - overlay network packet. This can be manipulated with the "oc adm pod-network" - commands. - type: int - netname: - description: - - NetName is the name of the network namespace. (This is the same as the - object's name, but both fields must be set.) - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('net_namespace_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_access_token.py b/library/openshift_v1_o_auth_access_token.py deleted file mode 100644 index ed1d5a13..00000000 --- a/library/openshift_v1_o_auth_access_token.py +++ /dev/null @@ -1,229 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_access_token -short_description: OpenShift OAuthAccessToken -description: -- Manage the lifecycle of a o_auth_access_token object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - authorize_token: - description: - - AuthorizeToken contains the token that authorized this token - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - client_name: - description: - - ClientName references the client that created this token. - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - inactivity_timeout_seconds: - description: - - InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, - after which this token can no longer be used. The value is automatically incremented - when the token is used. - type: int - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - refresh_token: - description: - - RefreshToken is the value by which this token can be renewed. Can be blank. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_name: - description: - - UserName is the user name associated with this token - user_uid: - description: - - UserUID is the unique UID associated with this token - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_access_token: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - authorize_token: - description: - - AuthorizeToken contains the token that authorized this token - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - inactivity_timeout_seconds: - description: - - InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, - after which this token can no longer be used. The value is automatically incremented - when the token is used. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - refresh_token: - description: - - RefreshToken is the value by which this token can be renewed. Can be blank. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_access_token', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_access_token_list.py b/library/openshift_v1_o_auth_access_token_list.py deleted file mode 100644 index 2cc561be..00000000 --- a/library/openshift_v1_o_auth_access_token_list.py +++ /dev/null @@ -1,196 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_access_token_list -short_description: OpenShift OAuthAccessTokenList -description: -- Retrieve a list of o_auth_access_tokens. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_access_token_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth access tokens - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - authorize_token: - description: - - AuthorizeToken contains the token that authorized this token - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - inactivity_timeout_seconds: - description: - - InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, - after which this token can no longer be used. The value is automatically - incremented when the token is used. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - refresh_token: - description: - - RefreshToken is the value by which this token can be renewed. Can be blank. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_access_token_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_authorize_token.py b/library/openshift_v1_o_auth_authorize_token.py deleted file mode 100644 index c9452abd..00000000 --- a/library/openshift_v1_o_auth_authorize_token.py +++ /dev/null @@ -1,216 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_authorize_token -short_description: OpenShift OAuthAuthorizeToken -description: -- Manage the lifecycle of a o_auth_authorize_token object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - client_name: - description: - - ClientName references the client that created this token. - code_challenge: - description: - - CodeChallenge is the optional code_challenge associated with this authorization - code, as described in rfc7636 - code_challenge_method: - description: - - CodeChallengeMethod is the optional code_challenge_method associated with this - authorization code, as described in rfc7636 - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - State data from request - user_name: - description: - - UserName is the user name associated with this token - user_uid: - description: - - UserUID is the unique UID associated with this token. UserUID and UserName must - both match for this token to be valid. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_authorize_token: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - code_challenge: - description: - - CodeChallenge is the optional code_challenge associated with this authorization - code, as described in rfc7636 - type: str - code_challenge_method: - description: - - CodeChallengeMethod is the optional code_challenge_method associated with - this authorization code, as described in rfc7636 - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - state: - description: - - State data from request - type: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token. UserUID and UserName - must both match for this token to be valid. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_authorize_token', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_authorize_token_list.py b/library/openshift_v1_o_auth_authorize_token_list.py deleted file mode 100644 index 1fa25173..00000000 --- a/library/openshift_v1_o_auth_authorize_token_list.py +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_authorize_token_list -short_description: OpenShift OAuthAuthorizeTokenList -description: -- Retrieve a list of o_auth_authorize_tokens. List operations provide a snapshot read - of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_authorize_token_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth authorization tokens - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this token. - type: str - code_challenge: - description: - - CodeChallenge is the optional code_challenge associated with this authorization - code, as described in rfc7636 - type: str - code_challenge_method: - description: - - CodeChallengeMethod is the optional code_challenge_method associated with - this authorization code, as described in rfc7636 - type: str - expires_in: - description: - - ExpiresIn is the seconds from CreationTime before this token expires. - type: int - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_uri: - description: - - RedirectURI is the redirection associated with the token. - type: str - scopes: - description: - - Scopes is an array of the requested scopes. - type: list - contains: str - state: - description: - - State data from request - type: str - user_name: - description: - - UserName is the user name associated with this token - type: str - user_uid: - description: - - UserUID is the unique UID associated with this token. UserUID and UserName - must both match for this token to be valid. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_authorize_token_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client.py b/library/openshift_v1_o_auth_client.py deleted file mode 100644 index 1fe0f24f..00000000 --- a/library/openshift_v1_o_auth_client.py +++ /dev/null @@ -1,268 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client -short_description: OpenShift OAuthClient -description: -- Manage the lifecycle of a o_auth_client object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - access_token_inactivity_timeout_seconds: - description: - - 'AccessTokenInactivityTimeoutSeconds overrides the default token inactivity - timeout for tokens granted to this client. The value represents the maximum - amount of time that can occur between consecutive uses of the token. Tokens - become invalid if they are not used within this temporal window. The user will - need to acquire a new token to regain access once a token times out. This value - needs to be set only if the default set in configuration is not appropriate - for this client. Valid values are: - 0: Tokens for this client never time out - - X: Tokens time out if there is no activity for X seconds The current minimum - allowed value for X is 300 (5 minutes)' - type: int - access_token_max_age_seconds: - description: - - AccessTokenMaxAgeSeconds overrides the default access token max age for tokens - granted to this client. 0 means no expiration. - type: int - additional_secrets: - description: - - AdditionalSecrets holds other secrets that may be used to identify the client. - This is useful for rotation and for service account token validation - type: list - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - grant_method: - description: - - 'GrantMethod determines how to handle grants for this client. If no method is - provided, the cluster default grant handling method will be used. Valid grant - handling methods are: - auto: always approves grant requests, useful for trusted - clients - prompt: prompts the end user for approval of grant requests, useful - for third-party clients - deny: always denies grant requests, useful for black-listed - clients' - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - redirect_ur_is: - description: - - RedirectURIs is the valid redirection URIs associated with a client - type: list - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - respond_with_challenges: - description: - - RespondWithChallenges indicates whether the client wants authentication needed - responses made in the form of challenges instead of redirects - type: bool - scope_restrictions: - description: - - ScopeRestrictions describes which scopes this client can request. Each requested - scope is checked against each restriction. If any restriction matches, then - the scope is allowed. If no restriction matches, then the scope is denied. - type: list - secret: - description: - - Secret is the unique secret associated with a client - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client: - type: complex - returned: when I(state) = C(present) - contains: - access_token_inactivity_timeout_seconds: - description: - - 'AccessTokenInactivityTimeoutSeconds overrides the default token inactivity - timeout for tokens granted to this client. The value represents the maximum - amount of time that can occur between consecutive uses of the token. Tokens - become invalid if they are not used within this temporal window. The user - will need to acquire a new token to regain access once a token times out. - This value needs to be set only if the default set in configuration is not - appropriate for this client. Valid values are: - 0: Tokens for this client - never time out - X: Tokens time out if there is no activity for X seconds - The current minimum allowed value for X is 300 (5 minutes)' - type: int - access_token_max_age_seconds: - description: - - AccessTokenMaxAgeSeconds overrides the default access token max age for tokens - granted to this client. 0 means no expiration. - type: int - additional_secrets: - description: - - AdditionalSecrets holds other secrets that may be used to identify the client. - This is useful for rotation and for service account token validation - type: list - contains: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - grant_method: - description: - - 'GrantMethod determines how to handle grants for this client. If no method - is provided, the cluster default grant handling method will be used. Valid - grant handling methods are: - auto: always approves grant requests, useful - for trusted clients - prompt: prompts the end user for approval of grant requests, - useful for third-party clients - deny: always denies grant requests, useful - for black-listed clients' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_ur_is: - description: - - RedirectURIs is the valid redirection URIs associated with a client - type: list - contains: str - respond_with_challenges: - description: - - RespondWithChallenges indicates whether the client wants authentication needed - responses made in the form of challenges instead of redirects - type: bool - scope_restrictions: - description: - - ScopeRestrictions describes which scopes this client can request. Each requested - scope is checked against each restriction. If any restriction matches, then - the scope is allowed. If no restriction matches, then the scope is denied. - type: list - contains: - cluster_role: - description: - - ClusterRole describes a set of restrictions for cluster role scoping. - type: complex - literals: - description: - - ExactValues means the scope has to match a particular set of strings exactly - type: list - contains: str - secret: - description: - - Secret is the unique secret associated with a client - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client_authorization.py b/library/openshift_v1_o_auth_client_authorization.py deleted file mode 100644 index 41baccb6..00000000 --- a/library/openshift_v1_o_auth_client_authorization.py +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client_authorization -short_description: OpenShift OAuthClientAuthorization -description: -- Manage the lifecycle of a o_auth_client_authorization object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - client_name: - description: - - ClientName references the client that created this authorization - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - scopes: - description: - - Scopes is an array of the granted scopes. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_name: - description: - - UserName is the user name that authorized this client - user_uid: - description: - - UserUID is the unique UID associated with this authorization. UserUID and UserName - must both match for this authorization to be valid. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client_authorization: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this authorization - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - scopes: - description: - - Scopes is an array of the granted scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name that authorized this client - type: str - user_uid: - description: - - UserUID is the unique UID associated with this authorization. UserUID and - UserName must both match for this authorization to be valid. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client_authorization', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client_authorization_list.py b/library/openshift_v1_o_auth_client_authorization_list.py deleted file mode 100644 index 755a729a..00000000 --- a/library/openshift_v1_o_auth_client_authorization_list.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client_authorization_list -short_description: OpenShift OAuthClientAuthorizationList -description: -- Retrieve a list of o_auth_client_authorizations. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client_authorization_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth client authorizations - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - client_name: - description: - - ClientName references the client that created this authorization - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - scopes: - description: - - Scopes is an array of the granted scopes. - type: list - contains: str - user_name: - description: - - UserName is the user name that authorized this client - type: str - user_uid: - description: - - UserUID is the unique UID associated with this authorization. UserUID - and UserName must both match for this authorization to be valid. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client_authorization_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_o_auth_client_list.py b/library/openshift_v1_o_auth_client_list.py deleted file mode 100644 index d6737685..00000000 --- a/library/openshift_v1_o_auth_client_list.py +++ /dev/null @@ -1,221 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_o_auth_client_list -short_description: OpenShift OAuthClientList -description: -- Retrieve a list of o_auth_clients. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -o_auth_client_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of OAuth clients - type: list - contains: - access_token_inactivity_timeout_seconds: - description: - - 'AccessTokenInactivityTimeoutSeconds overrides the default token inactivity - timeout for tokens granted to this client. The value represents the maximum - amount of time that can occur between consecutive uses of the token. Tokens - become invalid if they are not used within this temporal window. The user - will need to acquire a new token to regain access once a token times out. - This value needs to be set only if the default set in configuration is - not appropriate for this client. Valid values are: - 0: Tokens for this - client never time out - X: Tokens time out if there is no activity for - X seconds The current minimum allowed value for X is 300 (5 minutes)' - type: int - access_token_max_age_seconds: - description: - - AccessTokenMaxAgeSeconds overrides the default access token max age for - tokens granted to this client. 0 means no expiration. - type: int - additional_secrets: - description: - - AdditionalSecrets holds other secrets that may be used to identify the - client. This is useful for rotation and for service account token validation - type: list - contains: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - grant_method: - description: - - 'GrantMethod determines how to handle grants for this client. If no method - is provided, the cluster default grant handling method will be used. Valid - grant handling methods are: - auto: always approves grant requests, useful - for trusted clients - prompt: prompts the end user for approval of grant - requests, useful for third-party clients - deny: always denies grant requests, - useful for black-listed clients' - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - redirect_ur_is: - description: - - RedirectURIs is the valid redirection URIs associated with a client - type: list - contains: str - respond_with_challenges: - description: - - RespondWithChallenges indicates whether the client wants authentication - needed responses made in the form of challenges instead of redirects - type: bool - scope_restrictions: - description: - - ScopeRestrictions describes which scopes this client can request. Each - requested scope is checked against each restriction. If any restriction - matches, then the scope is allowed. If no restriction matches, then the - scope is denied. - type: list - contains: - cluster_role: - description: - - ClusterRole describes a set of restrictions for cluster role scoping. - type: complex - literals: - description: - - ExactValues means the scope has to match a particular set of strings - exactly - type: list - contains: str - secret: - description: - - Secret is the unique secret associated with a client - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('o_auth_client_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_pod_security_policy_review.py b/library/openshift_v1_pod_security_policy_review.py deleted file mode 100644 index dc9f26bd..00000000 --- a/library/openshift_v1_pod_security_policy_review.py +++ /dev/null @@ -1,446 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_pod_security_policy_review -short_description: OpenShift PodSecurityPolicyReview -description: -- Manage the lifecycle of a pod_security_policy_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_service_account_names: - description: - - serviceAccountNames is an optional set of ServiceAccounts to run the check with. - If serviceAccountNames is empty, the template.spec.serviceAccountName is used, - unless it's empty, in which case "default" is used instead. If serviceAccountNames - is specified, template.spec.serviceAccountName is ignored. - aliases: - - service_account_names - type: list - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - spec is the PodSecurityPolicy to check. - type: complex - status: - description: - - status represents the current information/status for the PodSecurityPolicyReview. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('pod_security_policy_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_pod_security_policy_self_subject_review.py b/library/openshift_v1_pod_security_policy_self_subject_review.py deleted file mode 100644 index 492bf0e6..00000000 --- a/library/openshift_v1_pod_security_policy_self_subject_review.py +++ /dev/null @@ -1,437 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_pod_security_policy_self_subject_review -short_description: OpenShift PodSecurityPolicySelfSubjectReview -description: -- Manage the lifecycle of a pod_security_policy_self_subject_review object. Supports - check mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_self_subject_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - spec defines specification the PodSecurityPolicySelfSubjectReview. - type: complex - status: - description: - - status represents the current information/status for the PodSecurityPolicySelfSubjectReview. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('pod_security_policy_self_subject_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_pod_security_policy_subject_review.py b/library/openshift_v1_pod_security_policy_subject_review.py deleted file mode 100644 index a6563aa4..00000000 --- a/library/openshift_v1_pod_security_policy_subject_review.py +++ /dev/null @@ -1,451 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_pod_security_policy_subject_review -short_description: OpenShift PodSecurityPolicySubjectReview -description: -- Manage the lifecycle of a pod_security_policy_subject_review object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_groups: - description: - - groups is the groups you're testing for. - aliases: - - groups - type: list - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_user: - description: - - user is the user you're testing for. If you specify "user" but not "group", - then is it interpreted as "What if user were not a member of any groups. If - user and groups are empty, then the check is performed using *only* the serviceAccountName - in the template. - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -pod_security_policy_subject_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - spec defines specification for the PodSecurityPolicySubjectReview. - type: complex - status: - description: - - status represents the current information/status for the PodSecurityPolicySubjectReview. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('pod_security_policy_subject_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_project.py b/library/openshift_v1_project.py deleted file mode 100644 index 1ad523f1..00000000 --- a/library/openshift_v1_project.py +++ /dev/null @@ -1,188 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_project -short_description: OpenShift Project -description: -- Manage the lifecycle of a project object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - description: - description: - - Provides a brief overview or narrative for the project. - display_name: - description: - - Provides a descriptive name for the project. - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_finalizers: - description: - - Finalizers is an opaque list of values that must be empty to permanently remove - object from storage - aliases: - - finalizers - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -- name: Create project - openshift_v1_project.yml: - name: example - state: present - -- name: Remove project - openshift_v1_project.yml: - name: example - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -project: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('project', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_project_list.py b/library/openshift_v1_project_list.py deleted file mode 100644 index 5b3c1c07..00000000 --- a/library/openshift_v1_project_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_project_list -short_description: OpenShift ProjectList -description: -- Retrieve a list of projects. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -project_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of projects - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the behavior of the Namespace. - type: complex - status: - description: - - Status describes the current status of a Namespace - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('project_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_replica_set.py b/library/openshift_v1_replica_set.py deleted file mode 100644 index 3d3f48f6..00000000 --- a/library/openshift_v1_replica_set.py +++ /dev/null @@ -1,521 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_replica_set -short_description: OpenShift ReplicaSet -description: -- Manage the lifecycle of a replica_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_min_ready_seconds: - description: - - Minimum number of seconds for which a newly created pod should be ready without - any of its container crashing, for it to be considered available. Defaults to - 0 (pod will be considered available as soon as it is ready) - aliases: - - min_ready_seconds - type: int - spec_replicas: - description: - - Replicas is the number of desired replicas. This is a pointer to distinguish - between explicit zero and unspecified. Defaults to 1. - aliases: - - replicas - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the same - as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data may - be out of date by some window of time. Populated by the system. Read-only. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('replica_set', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_replica_set_list.py b/library/openshift_v1_replica_set_list.py deleted file mode 100644 index af37202c..00000000 --- a/library/openshift_v1_replica_set_list.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_replica_set_list -short_description: OpenShift ReplicaSetList -description: -- Retrieve a list of replica_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -replica_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ReplicaSets. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - If the Labels of a ReplicaSet are empty, they are defaulted to be the - same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. - type: complex - spec: - description: - - Spec defines the specification of the desired behavior of the ReplicaSet. - type: complex - status: - description: - - Status is the most recently observed status of the ReplicaSet. This data - may be out of date by some window of time. Populated by the system. Read-only. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('replica_set_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role.py b/library/openshift_v1_role.py deleted file mode 100644 index 7d3b5575..00000000 --- a/library/openshift_v1_role.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role -short_description: OpenShift Role -description: -- Manage the lifecycle of a role object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. If - this field is empty, then both kubernetes and origin API groups are assumed. - That means that if an action is requested against one of the enumerated - resources in either the kubernetes or the origin API group, the request - will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle the - AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the path - This name is intentionally different than the internal type so that the - DefaultConvert works nicely and because the ordering may be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll represents - all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding.py b/library/openshift_v1_role_binding.py deleted file mode 100644 index 5029d7a7..00000000 --- a/library/openshift_v1_role_binding.py +++ /dev/null @@ -1,281 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding -short_description: OpenShift RoleBinding -description: -- Manage the lifecycle of a role_binding object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - role_ref_api_version: - description: - - API version of the referent. - aliases: - - api_version - role_ref_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - role_ref_kind: - description: - - Kind of the referent. - aliases: - - kind - role_ref_name: - description: - - Name of the referent. - role_ref_namespace: - description: - - Namespace of the referent. - role_ref_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - role_ref_uid: - description: - - UID of the referent. - aliases: - - uid - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is ignored - if UserNames or GroupNames are specified to support legacy clients and servers. - Thus newer clients that do not need to support backwards compatibility should - send only fully qualified Subjects and should omit the UserNames and GroupNames - fields. Clients that need to support backwards compatibility can use this field - to build the UserNames and GroupNames. - type: list - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects for - further details. - type: list - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the RoleRef cannot be resolved, the Authorizer must return an error. Since - Policy is a singleton, this is sufficient knowledge to locate a role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field is - ignored if UserNames or GroupNames are specified to support legacy clients - and servers. Thus newer clients that do not need to support backwards compatibility - should send only fully qualified Subjects and should omit the UserNames and - GroupNames fields. Clients that need to support backwards compatibility can - use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this - string should contain a valid JSON/Go field access statement, such as - desiredState.manifest.containers[2]. For example, if the object reference - is to a container within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field should - only be specified when supporting legacy clients and servers. See Subjects - for further details. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding_list.py b/library/openshift_v1_role_binding_list.py deleted file mode 100644 index 64a4c42f..00000000 --- a/library/openshift_v1_role_binding_list.py +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding_list -short_description: OpenShift RoleBindingList -description: -- Retrieve a list of role_bindings. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindings - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - group_names: - description: - - GroupNames holds all the groups directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - role_ref: - description: - - RoleRef can only reference the current namespace and the global namespace. - If the RoleRef cannot be resolved, the Authorizer must return an error. - Since Policy is a singleton, this is sufficient knowledge to locate a - role. - type: complex - subjects: - description: - - Subjects hold object references to authorize with this rule. This field - is ignored if UserNames or GroupNames are specified to support legacy - clients and servers. Thus newer clients that do not need to support backwards - compatibility should send only fully qualified Subjects and should omit - the UserNames and GroupNames fields. Clients that need to support backwards - compatibility can use this field to build the UserNames and GroupNames. - type: list - contains: - api_version: - description: - - API version of the referent. - type: str - field_path: - description: - - 'If referring to a piece of an object instead of an entire object, - this string should contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For example, if the object - reference is to a container within a pod, this would take on a value - like: "spec.containers{name}" (where "name" refers to the name of - the container that triggered the event) or if no container name is - specified "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way of referencing - a part of an object.' - type: str - kind: - description: - - Kind of the referent. - type: str - name: - description: - - Name of the referent. - type: str - namespace: - description: - - Namespace of the referent. - type: str - resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - type: str - uid: - description: - - UID of the referent. - type: str - user_names: - description: - - UserNames holds all the usernames directly bound to the role. This field - should only be specified when supporting legacy clients and servers. See - Subjects for further details. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding_restriction.py b/library/openshift_v1_role_binding_restriction.py deleted file mode 100644 index 1f9746b0..00000000 --- a/library/openshift_v1_role_binding_restriction.py +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding_restriction -short_description: OpenShift RoleBindingRestriction -description: -- Manage the lifecycle of a role_binding_restriction object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_grouprestriction_groups: - description: - - Groups is a list of groups used to match against an individual user's groups. - If the user is a member of one of the whitelisted groups, the user is allowed - to be bound to a role. - aliases: - - grouprestriction_groups - type: list - spec_grouprestriction_labels: - description: - - Selectors specifies a list of label selectors over group labels. - aliases: - - grouprestriction_labels - type: list - spec_serviceaccountrestriction_namespaces: - description: - - Namespaces specifies a list of literal namespace names. - aliases: - - serviceaccountrestriction_namespaces - type: list - spec_serviceaccountrestriction_serviceaccounts: - description: - - ServiceAccounts specifies a list of literal service-account names. - aliases: - - serviceaccountrestriction_serviceaccounts - type: list - spec_userrestriction_groups: - description: - - Groups specifies a list of literal group names. - aliases: - - userrestriction_groups - type: list - spec_userrestriction_labels: - description: - - Selectors specifies a list of label selectors over user labels. - aliases: - - userrestriction_labels - type: list - spec_userrestriction_users: - description: - - Users specifies a list of literal user names. - aliases: - - userrestriction_users - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_restriction: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the matcher. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding_restriction', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_binding_restriction_list.py b/library/openshift_v1_role_binding_restriction_list.py deleted file mode 100644 index ff0d5aa4..00000000 --- a/library/openshift_v1_role_binding_restriction_list.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_binding_restriction_list -short_description: OpenShift RoleBindingRestrictionList -description: -- Retrieve a list of role_binding_restrictions. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_binding_restriction_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of RoleBindingRestriction objects. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - spec: - description: - - Spec defines the matcher. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_binding_restriction_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_role_list.py b/library/openshift_v1_role_list.py deleted file mode 100644 index eaba63d0..00000000 --- a/library/openshift_v1_role_list.py +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_role_list -short_description: OpenShift RoleList -description: -- Retrieve a list of roles. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -role_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of Roles - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - rules: - description: - - Rules holds all the PolicyRules for this Role - type: list - contains: - api_groups: - description: - - APIGroups is the name of the APIGroup that contains the resources. - If this field is empty, then both kubernetes and origin API groups - are assumed. That means that if an action is requested against one - of the enumerated resources in either the kubernetes or the origin - API group, the request will be allowed - type: list - contains: str - attribute_restrictions: - description: - - AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder - pair supports. If the Authorizer does not recognize how to handle - the AttributeRestrictions, the Authorizer should report an error. - type: complex - non_resource_ur_ls: - description: - - NonResourceURLsSlice is a set of partial urls that a user should have - access to. *s are allowed, but only as the full, final step in the - path This name is intentionally different than the internal type so - that the DefaultConvert works nicely and because the ordering may - be different. - type: list - contains: str - resource_names: - description: - - ResourceNames is an optional white list of names that the rule applies - to. An empty set means that everything is allowed. - type: list - contains: str - resources: - description: - - Resources is a list of resources this rule applies to. ResourceAll - represents all resources. - type: list - contains: str - verbs: - description: - - Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions - contained in this rule. VerbAll represents all kinds. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('role_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_route.py b/library/openshift_v1_route.py deleted file mode 100644 index 9fd5ac94..00000000 --- a/library/openshift_v1_route.py +++ /dev/null @@ -1,304 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_route -short_description: OpenShift Route -description: -- Manage the lifecycle of a route object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_alternate_backends: - description: - - alternateBackends allows up to 3 additional backends to be assigned to the route. - Only the Service kind is allowed, and it will be defaulted to Service. Use the - weight field in RouteTargetReference object to specify relative preference. - aliases: - - alternate_backends - type: list - spec_host: - description: - - host is an alias/DNS that points to the service. Optional. If not specified - a route name will typically be automatically chosen. Must follow DNS952 subdomain - conventions. - spec_path: - description: - - Path that the router watches for, to route traffic for to the service. Optional - aliases: - - path - spec_port_target_port: - description: - - The target port on pods selected by the service this route points to. If this - is a string, it will be looked up as a named port in the target endpoints port - list. Required - aliases: - - port_target_port - type: object - spec_tls_ca_certificate: - description: - - caCertificate provides the cert authority certificate contents - aliases: - - tls_ca_certificate - spec_tls_certificate: - description: - - certificate provides certificate contents - aliases: - - tls_certificate - spec_tls_destination_ca_certificate: - description: - - destinationCACertificate provides the contents of the ca certificate of the - final destination. When using reencrypt termination this file should be provided - in order to have routers use it for health checks on the secure connection. - If this field is not specified, the router may provide its own destination CA - and perform hostname validation using the short service name (service.namespace.svc), - which allows infrastructure generated certificates to automatically verify. - aliases: - - tls_destination_ca_certificate - spec_tls_insecure_edge_termination_policy: - description: - - insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections - to a route. While each router may make its own decisions on which ports to expose, - this is normally port 80. * Allow - traffic is sent to the server on the insecure - port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - - clients are redirected to the secure port. - aliases: - - tls_insecure_edge_termination_policy - spec_tls_key: - description: - - key provides key file contents - aliases: - - tls_key - spec_tls_termination: - description: - - termination indicates termination type. - aliases: - - tls_termination - spec_to_kind: - description: - - The kind of target that the route is referring to. Currently, only 'Service' - is allowed - aliases: - - to_kind - spec_to_name: - description: - - name of the service/target that is being referred to. e.g. name of the service - aliases: - - to_name - spec_to_weight: - description: - - weight as an integer between 0 and 256, default 1, that specifies the target's - relative weight against other target reference objects. 0 suppresses requests - to this backend. - aliases: - - to_weight - type: int - spec_wildcard_policy: - description: - - Wildcard policy if any for the route. Currently only 'Subdomain' or 'None' is - allowed. - aliases: - - wildcard_policy - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -- name: Create route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: present - host: www.example.com - spec_to_kind: Service - spec_to_name: service-name - tls_termination: edge - tls_key: |- - -----BEGIN PRIVATE KEY----- - key_file_contents - -----END PRIVATE KEY----- - tls_certificate: |- - -----BEGIN CERTIFICATE----- - certificate contents - -----END CERTIFICATE----- - tls_ca_certificate: |- - -----BEGIN CERTIFICATE----- - ca_certificate_contents - -----END CERTIFICATE----- - -- name: Patch route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: present - host: www.example.com - tls_termination: reencrypt - spec_to_kind: Service - spec_to_name: other-service-name - -- name: Replace route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: replaced - host: www.example.com - path: /foo/bar/baz.html - spec_to_kind: Service - spec_to_name: whimsy-name - tls_termination: edge - -- name: Remove route - openshift_v1_route.yml: - name: myroute - namespace: k8s-project - state: absent -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -route: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec is the desired state of the route - type: complex - status: - description: - - status is the current state of the route - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('route', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_route_list.py b/library/openshift_v1_route_list.py deleted file mode 100644 index 3e6ae269..00000000 --- a/library/openshift_v1_route_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_route_list -short_description: OpenShift RouteList -description: -- Retrieve a list of routes. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -route_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of routes - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec is the desired state of the route - type: complex - status: - description: - - status is the current state of the route - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('route_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_security_context_constraints.py b/library/openshift_v1_security_context_constraints.py deleted file mode 100644 index 48b94687..00000000 --- a/library/openshift_v1_security_context_constraints.py +++ /dev/null @@ -1,434 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_security_context_constraints -short_description: OpenShift SecurityContextConstraints -description: -- Manage the lifecycle of a security_context_constraints object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - allow_host_dir_volume_plugin: - description: - - AllowHostDirVolumePlugin determines if the policy allow containers to use the - HostDir volume plugin - type: bool - allow_host_ipc: - description: - - AllowHostIPC determines if the policy allows host ipc in the containers. - type: bool - allow_host_network: - description: - - AllowHostNetwork determines if the policy allows the use of HostNetwork in the - pod spec. - type: bool - allow_host_pid: - description: - - AllowHostPID determines if the policy allows host pid in the containers. - type: bool - allow_host_ports: - description: - - AllowHostPorts determines if the policy allows host ports in the containers. - type: bool - allow_privileged_container: - description: - - AllowPrivilegedContainer determines if a container can request to be run as - privileged. - type: bool - allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to add to - the container. Capabilities in this field maybe added at the pod author's discretion. - You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. - To allow all capabilities you may use '*'. - type: list - allowed_flex_volumes: - description: - - AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates - that all Flexvolumes may be used. This parameter is effective only when the - usage of the Flexvolumes is allowed in the "Volumes" field. - type: list - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be added - to the container unless the pod spec specifically drops the capability. You - may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - type: list - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - fs_group_ranges: - description: - - Ranges are the allowed ranges of fs groups. If you would like to force a single - fs group then supply a single range with the same start and end. - aliases: - - ranges - type: list - fs_group_type: - description: - - Type is the strategy that will dictate what FSGroup is used in the SecurityContext. - aliases: - - type - groups: - description: - - The groups that have permission to use this security context constraints - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - priority: - description: - - Priority influences the sort order of SCCs when evaluating which SCCs to try - first for a given pod request based on access in the Users and Groups fields. - The higher the int, the higher priority. An unset value is considered a 0 priority. - If scores for multiple SCCs are equal they will be sorted from most restrictive - to least restrictive. If both priorities and restrictions are equal the SCCs - will be sorted by name. - type: int - read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with a - read only root file system. If the container specifically requests to run with - a non-read only root file system the SCC should deny the pod. If set to false - the container may run with a read only root file system if it wishes but it - will not be forced to. - type: bool - required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from the - container. These are required to be dropped and cannot be added. - type: list - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - run_as_user_type: - description: - - Type is the strategy that will dictate what RunAsUser is used in the SecurityContext. - run_as_user_uid: - description: - - UID is the user id that containers must run as. Required for the MustRunAs strategy - if not using namespace/service account allocated uids. - aliases: - - uid - type: int - run_as_user_uid_range_max: - description: - - UIDRangeMax defines the max value for a strategy that allocates by range. - aliases: - - uid_range_max - type: int - run_as_user_uid_range_min: - description: - - UIDRangeMin defines the min value for a strategy that allocates by range. - aliases: - - uid_range_min - type: int - se_linux_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - level - se_linux_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - role - se_linux_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - se_linux_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - user - se_linux_context_type: - description: - - Type is the strategy that will dictate what SELinux context is used in the SecurityContext. - seccomp_profiles: - description: - - SeccompProfiles lists the allowed profiles that may be set for the pod or container's - seccomp annotations. An unset (nil) or empty value means that no profiles may - be specifid by the pod or container. The wildcard '*' may be used to allow all - profiles. When used to generate a value for a pod the first non-wildcard profile - will be used as the default. - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - supplemental_groups_ranges: - description: - - Ranges are the allowed ranges of supplemental groups. If you would like to force - a single supplemental group then supply a single range with the same start and - end. - type: list - supplemental_groups_type: - description: - - Type is the strategy that will dictate what supplemental groups is used in the - SecurityContext. - username: - description: - - Provide a username for connecting to the API. - users: - description: - - The users who have permissions to use this security context constraints - type: list - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool - volumes: - description: - - Volumes is a white list of allowed volume plugins. FSType corresponds directly - with the field names of a VolumeSource (azureFile, configMap, emptyDir). To - allow all volumes you may use "*". To allow no volumes, set to ["none"]. - type: list -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -security_context_constraints: - type: complex - returned: when I(state) = C(present) - contains: - allow_host_dir_volume_plugin: - description: - - AllowHostDirVolumePlugin determines if the policy allow containers to use - the HostDir volume plugin - type: bool - allow_host_ipc: - description: - - AllowHostIPC determines if the policy allows host ipc in the containers. - type: bool - allow_host_network: - description: - - AllowHostNetwork determines if the policy allows the use of HostNetwork in - the pod spec. - type: bool - allow_host_pid: - description: - - AllowHostPID determines if the policy allows host pid in the containers. - type: bool - allow_host_ports: - description: - - AllowHostPorts determines if the policy allows host ports in the containers. - type: bool - allow_privileged_container: - description: - - AllowPrivilegedContainer determines if a container can request to be run as - privileged. - type: bool - allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to add - to the container. Capabilities in this field maybe added at the pod author's - discretion. You must not list a capability in both AllowedCapabilities and - RequiredDropCapabilities. To allow all capabilities you may use '*'. - type: list - contains: str - allowed_flex_volumes: - description: - - AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates - that all Flexvolumes may be used. This parameter is effective only when the - usage of the Flexvolumes is allowed in the "Volumes" field. - type: list - contains: - driver: - description: - - Driver is the name of the Flexvolume driver. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be added - to the container unless the pod spec specifically drops the capability. You - may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - type: list - contains: str - fs_group: - description: - - FSGroup is the strategy that will dictate what fs group is used by the SecurityContext. - type: complex - groups: - description: - - The groups that have permission to use this security context constraints - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - priority: - description: - - Priority influences the sort order of SCCs when evaluating which SCCs to try - first for a given pod request based on access in the Users and Groups fields. - The higher the int, the higher priority. An unset value is considered a 0 - priority. If scores for multiple SCCs are equal they will be sorted from most - restrictive to least restrictive. If both priorities and restrictions are - equal the SCCs will be sorted by name. - type: int - read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with - a read only root file system. If the container specifically requests to run - with a non-read only root file system the SCC should deny the pod. If set - to false the container may run with a read only root file system if it wishes - but it will not be forced to. - type: bool - required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from the - container. These are required to be dropped and cannot be added. - type: list - contains: str - run_as_user: - description: - - RunAsUser is the strategy that will dictate what RunAsUser is used in the - SecurityContext. - type: complex - se_linux_context: - description: - - SELinuxContext is the strategy that will dictate what labels will be set in - the SecurityContext. - type: complex - seccomp_profiles: - description: - - SeccompProfiles lists the allowed profiles that may be set for the pod or - container's seccomp annotations. An unset (nil) or empty value means that - no profiles may be specifid by the pod or container. The wildcard '*' may - be used to allow all profiles. When used to generate a value for a pod the - first non-wildcard profile will be used as the default. - type: list - contains: str - supplemental_groups: - description: - - SupplementalGroups is the strategy that will dictate what supplemental groups - are used by the SecurityContext. - type: complex - users: - description: - - The users who have permissions to use this security context constraints - type: list - contains: str - volumes: - description: - - Volumes is a white list of allowed volume plugins. FSType corresponds directly - with the field names of a VolumeSource (azureFile, configMap, emptyDir). To - allow all volumes you may use "*". To allow no volumes, set to ["none"]. - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('security_context_constraints', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_security_context_constraints_list.py b/library/openshift_v1_security_context_constraints_list.py deleted file mode 100644 index d2341f1d..00000000 --- a/library/openshift_v1_security_context_constraints_list.py +++ /dev/null @@ -1,280 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_security_context_constraints_list -short_description: OpenShift SecurityContextConstraintsList -description: -- Retrieve a list of security_context_constraints. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -security_context_constraints_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of security context constraints. - type: list - contains: - allow_host_dir_volume_plugin: - description: - - AllowHostDirVolumePlugin determines if the policy allow containers to - use the HostDir volume plugin - type: bool - allow_host_ipc: - description: - - AllowHostIPC determines if the policy allows host ipc in the containers. - type: bool - allow_host_network: - description: - - AllowHostNetwork determines if the policy allows the use of HostNetwork - in the pod spec. - type: bool - allow_host_pid: - description: - - AllowHostPID determines if the policy allows host pid in the containers. - type: bool - allow_host_ports: - description: - - AllowHostPorts determines if the policy allows host ports in the containers. - type: bool - allow_privileged_container: - description: - - AllowPrivilegedContainer determines if a container can request to be run - as privileged. - type: bool - allowed_capabilities: - description: - - AllowedCapabilities is a list of capabilities that can be requested to - add to the container. Capabilities in this field maybe added at the pod - author's discretion. You must not list a capability in both AllowedCapabilities - and RequiredDropCapabilities. To allow all capabilities you may use '*'. - type: list - contains: str - allowed_flex_volumes: - description: - - AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil - indicates that all Flexvolumes may be used. This parameter is effective - only when the usage of the Flexvolumes is allowed in the "Volumes" field. - type: list - contains: - driver: - description: - - Driver is the name of the Flexvolume driver. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - default_add_capabilities: - description: - - DefaultAddCapabilities is the default set of capabilities that will be - added to the container unless the pod spec specifically drops the capability. - You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. - type: list - contains: str - fs_group: - description: - - FSGroup is the strategy that will dictate what fs group is used by the - SecurityContext. - type: complex - groups: - description: - - The groups that have permission to use this security context constraints - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - priority: - description: - - Priority influences the sort order of SCCs when evaluating which SCCs - to try first for a given pod request based on access in the Users and - Groups fields. The higher the int, the higher priority. An unset value - is considered a 0 priority. If scores for multiple SCCs are equal they - will be sorted from most restrictive to least restrictive. If both priorities - and restrictions are equal the SCCs will be sorted by name. - type: int - read_only_root_filesystem: - description: - - ReadOnlyRootFilesystem when set to true will force containers to run with - a read only root file system. If the container specifically requests to - run with a non-read only root file system the SCC should deny the pod. - If set to false the container may run with a read only root file system - if it wishes but it will not be forced to. - type: bool - required_drop_capabilities: - description: - - RequiredDropCapabilities are the capabilities that will be dropped from - the container. These are required to be dropped and cannot be added. - type: list - contains: str - run_as_user: - description: - - RunAsUser is the strategy that will dictate what RunAsUser is used in - the SecurityContext. - type: complex - se_linux_context: - description: - - SELinuxContext is the strategy that will dictate what labels will be set - in the SecurityContext. - type: complex - seccomp_profiles: - description: - - SeccompProfiles lists the allowed profiles that may be set for the pod - or container's seccomp annotations. An unset (nil) or empty value means - that no profiles may be specifid by the pod or container. The wildcard - '*' may be used to allow all profiles. When used to generate a value for - a pod the first non-wildcard profile will be used as the default. - type: list - contains: str - supplemental_groups: - description: - - SupplementalGroups is the strategy that will dictate what supplemental - groups are used by the SecurityContext. - type: complex - users: - description: - - The users who have permissions to use this security context constraints - type: list - contains: str - volumes: - description: - - Volumes is a white list of allowed volume plugins. FSType corresponds - directly with the field names of a VolumeSource (azureFile, configMap, - emptyDir). To allow all volumes you may use "*". To allow no volumes, - set to ["none"]. - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - '' - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('security_context_constraints_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_self_subject_rules_review.py b/library/openshift_v1_self_subject_rules_review.py deleted file mode 100644 index d0532ea4..00000000 --- a/library/openshift_v1_self_subject_rules_review.py +++ /dev/null @@ -1,122 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_self_subject_rules_review -short_description: OpenShift SelfSubjectRulesReview -description: -- Manage the lifecycle of a self_subject_rules_review object. Supports check mode, - and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_scopes: - description: - - Scopes to use for the evaluation. Empty means "use the unscoped (full) permissions - of the user/groups". Nil means "use the scopes on this request". - aliases: - - scopes - type: list - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -self_subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - Spec adds information about how to conduct the check - type: complex - status: - description: - - Status is completed by the server to tell which permissions you have - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('self_subject_rules_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_stateful_set.py b/library/openshift_v1_stateful_set.py deleted file mode 100644 index 4748f5a9..00000000 --- a/library/openshift_v1_stateful_set.py +++ /dev/null @@ -1,564 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_stateful_set -short_description: OpenShift StatefulSet -description: -- Manage the lifecycle of a stateful_set object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_pod_management_policy: - description: - - podManagementPolicy controls how pods are created during initial scale up, when - replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, - where pods are created in increasing order (pod-0, then pod-1, etc) and the - controller will wait until each pod is ready before continuing. When scaling - down, the pods are removed in the opposite order. The alternative policy is - `Parallel` which will create pods in parallel to match the desired scale without - waiting, and on scale down will delete all pods at once. - aliases: - - pod_management_policy - spec_replicas: - description: - - replicas is the desired number of replicas of the given Template. These are - replicas in the sense that they are instantiations of the same Template, but - individual replicas also have a consistent identity. If unspecified, defaults - to 1. - aliases: - - replicas - type: int - spec_revision_history_limit: - description: - - revisionHistoryLimit is the maximum number of revisions that will be maintained - in the StatefulSet's revision history. The revision history consists of all - revisions not represented by a currently applied StatefulSetSpec version. The - default value is 10. - aliases: - - revision_history_limit - type: int - spec_selector_match_expressions: - description: - - matchExpressions is a list of label selector requirements. The requirements - are ANDed. - aliases: - - selector_match_expressions - type: list - spec_selector_match_labels: - description: - - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only "value". The requirements - are ANDed. - aliases: - - selector_match_labels - type: dict - spec_service_name: - description: - - 'serviceName is the name of the service that governs this StatefulSet. This - service must exist before the StatefulSet, and is responsible for the network - identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local - where "pod-specific-string" is managed by the StatefulSet controller.' - aliases: - - service_name - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_spec_active_deadline_seconds: - description: - - Optional duration in seconds the pod may be active on the node relative to StartTime - before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. - aliases: - - active_deadline_seconds - type: int - spec_template_spec_affinity_node_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_node_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms: - description: - - Required. A list of node selector terms. The terms are ORed. - aliases: - - affinity_node_affinity_required_during_scheduling_ignored_during_execution_node_selector_terms - type: list - spec_template_spec_affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution: - description: - - The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it may choose a node that violates - one or more of the expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - aliases: - - affinity_pod_anti_affinity_preferred_during_scheduling_ignored_during_execution - type: list - spec_template_spec_affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution: - description: - - If the anti-affinity requirements specified by this field are not met at scheduling - time, the pod will not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may not try to eventually evict - the pod from its node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. all terms must be - satisfied. - aliases: - - affinity_pod_anti_affinity_required_during_scheduling_ignored_during_execution - type: list - spec_template_spec_automount_service_account_token: - description: - - AutomountServiceAccountToken indicates whether a service account token should - be automatically mounted. - aliases: - - automount_service_account_token - type: bool - spec_template_spec_containers: - description: - - List of containers belonging to the pod. Containers cannot currently be added - or removed. There must be at least one container in a Pod. Cannot be updated. - aliases: - - containers - type: list - spec_template_spec_dns_policy: - description: - - Set DNS policy for containers within the pod. One of 'ClusterFirstWithHostNet', - 'ClusterFirst' or 'Default'. Defaults to "ClusterFirst". To have DNS options - set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - aliases: - - dns_policy - spec_template_spec_host_aliases: - description: - - HostAliases is an optional list of hosts and IPs that will be injected into - the pod's hosts file if specified. This is only valid for non-hostNetwork pods. - aliases: - - host_aliases - type: list - spec_template_spec_host_ipc: - description: - - "Use the host's ipc namespace. Optional: Default to false." - aliases: - - host_ipc - type: bool - spec_template_spec_host_network: - description: - - Host networking requested for this pod. Use the host's network namespace. If - this option is set, the ports that will be used must be specified. Default to - false. - aliases: - - host_network - type: bool - spec_template_spec_host_pid: - description: - - "Use the host's pid namespace. Optional: Default to false." - aliases: - - host_pid - type: bool - spec_template_spec_hostname: - description: - - Specifies the hostname of the Pod If not specified, the pod's hostname will - be set to a system-defined value. - aliases: - - hostname - spec_template_spec_image_pull_secrets: - description: - - ImagePullSecrets is an optional list of references to secrets in the same namespace - to use for pulling any of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations for them to use. - For example, in the case of docker, only DockerConfig type secrets are honored. - aliases: - - image_pull_secrets - type: list - spec_template_spec_init_containers: - description: - - List of initialization containers belonging to the pod. Init containers are - executed in order prior to containers being started. If any init container fails, - the pod is considered to have failed and is handled according to its restartPolicy. - The name for an init container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, Readiness probes, - or Liveness probes. The resourceRequirements of an init container are taken - into account during scheduling by finding the highest request/limit for each - resource type, and then using the max of of that value or the sum of the normal - containers. Limits are applied to init containers in a similar fashion. Init - containers cannot currently be added or removed. Cannot be updated. - aliases: - - init_containers - type: list - spec_template_spec_node_name: - description: - - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits - resource requirements. - aliases: - - node_name - spec_template_spec_node_selector: - description: - - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that - node. - aliases: - - node_selector - type: dict - spec_template_spec_priority: - description: - - The priority value. Various system components use this field to find the priority - of the pod. When Priority Admission Controller is enabled, it prevents users - from setting this field. The admission controller populates this field from - PriorityClassName. The higher the value, the higher the priority. - aliases: - - priority - type: int - spec_template_spec_priority_class_name: - description: - - If specified, indicates the pod's priority. "SYSTEM" is a special keyword which - indicates the highest priority. Any other name must be defined by creating a - PriorityClass object with that name. If not specified, the pod priority will - be default or zero if there is no default. - aliases: - - priority_class_name - spec_template_spec_restart_policy: - description: - - Restart policy for all containers within the pod. One of Always, OnFailure, - Never. Default to Always. - aliases: - - restart_policy - spec_template_spec_scheduler_name: - description: - - If specified, the pod will be dispatched by specified scheduler. If not specified, - the pod will be dispatched by default scheduler. - aliases: - - scheduler_name - spec_template_spec_security_context_fs_group: - description: - - "A special supplemental group that applies to all containers in a pod. Some\ - \ volume types allow the Kubelet to change the ownership of that volume to be\ - \ owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit\ - \ is set (new files created in the volume will be owned by FSGroup) 3. The permission\ - \ bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership\ - \ and permissions of any volume." - aliases: - - security_context_fs_group - type: int - spec_template_spec_security_context_run_as_non_root: - description: - - Indicates that the container must run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure that it does not run as UID 0 (root) - and fail to start the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes precedence. - aliases: - - security_context_run_as_non_root - type: bool - spec_template_spec_security_context_run_as_user: - description: - - The UID to run the entrypoint of the container process. Defaults to user specified - in image metadata if unspecified. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - aliases: - - security_context_run_as_user - type: int - spec_template_spec_security_context_se_linux_options_level: - description: - - Level is SELinux level label that applies to the container. - aliases: - - security_context_se_linux_options_level - spec_template_spec_security_context_se_linux_options_role: - description: - - Role is a SELinux role label that applies to the container. - aliases: - - security_context_se_linux_options_role - spec_template_spec_security_context_se_linux_options_type: - description: - - Type is a SELinux type label that applies to the container. - aliases: - - security_context_se_linux_options_type - spec_template_spec_security_context_se_linux_options_user: - description: - - User is a SELinux user label that applies to the container. - aliases: - - security_context_se_linux_options_user - spec_template_spec_security_context_supplemental_groups: - description: - - A list of groups applied to the first process run in each container, in addition - to the container's primary GID. If unspecified, no groups will be added to any - container. - aliases: - - security_context_supplemental_groups - type: list - spec_template_spec_service_account: - description: - - 'DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: - Use serviceAccountName instead.' - aliases: - - service_account - spec_template_spec_service_account_name: - description: - - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - aliases: - - service_account_name - spec_template_spec_subdomain: - description: - - If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a - domainname at all. - aliases: - - subdomain - spec_template_spec_termination_grace_period_seconds: - description: - - Optional duration in seconds the pod needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace period will be used - instead. The grace period is the duration in seconds after the processes running - in the pod are sent a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. - aliases: - - termination_grace_period_seconds - type: int - spec_template_spec_tolerations: - description: - - If specified, the pod's tolerations. - aliases: - - tolerations - type: list - spec_template_spec_volumes: - description: - - List of volumes that can be mounted by containers belonging to the pod. - aliases: - - volumes - type: list - spec_update_strategy_rolling_update_partition: - description: - - Partition indicates the ordinal at which the StatefulSet should be partitioned. - Default value is 0. - aliases: - - update_strategy_rolling_update_partition - type: int - spec_update_strategy_type: - description: - - Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. - aliases: - - update_strategy_type - spec_volume_claim_templates: - description: - - volumeClaimTemplates is a list of claims that pods are allowed to reference. - The StatefulSet controller is responsible for mapping network identities to - claims in a way that maintains the identity of a pod. Every claim in this list - must have at least one matching (by name) volumeMount in one container in the - template. A claim in this list takes precedence over any volumes in the template, - with the same name. - aliases: - - volume_claim_templates - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may be - out of date by some window of time. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('stateful_set', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_stateful_set_list.py b/library/openshift_v1_stateful_set_list.py deleted file mode 100644 index 786b233e..00000000 --- a/library/openshift_v1_stateful_set_list.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_stateful_set_list -short_description: OpenShift StatefulSetList -description: -- Retrieve a list of stateful_sets. List operations provide a snapshot read of the - underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -stateful_set_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: [] - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - spec: - description: - - Spec defines the desired identities of pods in this set. - type: complex - status: - description: - - Status is the current status of Pods in this StatefulSet. This data may - be out of date by some window of time. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('stateful_set_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_subject_rules_review.py b/library/openshift_v1_subject_rules_review.py deleted file mode 100644 index 560dc3b1..00000000 --- a/library/openshift_v1_subject_rules_review.py +++ /dev/null @@ -1,134 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_subject_rules_review -short_description: OpenShift SubjectRulesReview -description: -- Manage the lifecycle of a subject_rules_review object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - spec_groups: - description: - - Groups is optional. Groups is the list of groups to which the User belongs. - At least one of User and Groups must be specified. - aliases: - - groups - type: list - spec_scopes: - description: - - Scopes to use for the evaluation. Empty means "use the unscoped (full) permissions - of the user/groups". - aliases: - - scopes - type: list - spec_user: - description: - - User is optional. At least one of User and Groups must be specified. - aliases: - - user - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -subject_rules_review: - type: complex - returned: on success - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - spec: - description: - - Spec adds information about how to conduct the check - type: complex - status: - description: - - Status is completed by the server to tell which permissions you have - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('subject_rules_review', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template.py b/library/openshift_v1_template.py deleted file mode 100644 index 8fdd2d0b..00000000 --- a/library/openshift_v1_template.py +++ /dev/null @@ -1,250 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template -short_description: OpenShift Template -description: -- Manage the lifecycle of a template object. Supports check mode, and attempts to - to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - message: - description: - - message is an optional instructional message that will be displayed when this - template is instantiated. This field should inform the user how to utilize the - newly created resources. Parameter substitution will be performed on the message - before being displayed so that generated credentials and other parameters can - be included in the output. - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, the - resolved value after parameter substitution will be respected and the object - will be created in that namespace. - type: list - parameters: - description: - - parameters is an optional array of Parameters used during the Template to Config - transformation. - type: list - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - labels: - description: - - labels is a optional set of labels that are applied to every object during - the Template to Config transformation. - type: complex - contains: str, str - message: - description: - - message is an optional instructional message that will be displayed when this - template is instantiated. This field should inform the user how to utilize - the newly created resources. Parameter substitution will be performed on the - message before being displayed so that generated credentials and other parameters - can be included in the output. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, - the resolved value after parameter substitution will be respected and the - object will be created in that namespace. - type: list - contains: - raw: - description: - - Raw is the underlying serialization of this object. - type: str - parameters: - description: - - parameters is an optional array of Parameters used during the Template to - Config transformation. - type: list - contains: - from: - description: - - From is an input value for the generator. Optional. - type: str - description: - description: - - Description of a parameter. Optional. - type: str - display_name: - description: - - "Optional: The name that will show in UI instead of parameter 'Name'" - type: str - generate: - description: - - 'generate specifies the generator to be used to generate random string - from an input value specified by From field. The result string is stored - into Value field. If empty, no generator is being used, leaving the result - Value untouched. Optional. The only supported generator is "expression", - which accepts a "from" value in the form of a simple regular expression - containing the range expression "[a-zA-Z0-9]", and the length expression - "a{length}". Examples: from | value ----------------------------- "test[0-9]{1}x" - | "test7x" "[0-1]{8}" | "01001100" "0x[A-F0-9]{4}" | "0xB3AF" "[a-zA-Z0-9]{8}" - | "hW4yQU5i"' - type: str - name: - description: - - Name must be set and it can be referenced in Template Items using ${PARAMETER_NAME}. - Required. - type: str - required: - description: - - 'Optional: Indicates the parameter must have a value. Defaults to false.' - type: bool - value: - description: - - Value holds the Parameter data. If specified, the generator will be ignored. - The value replaces all occurrences of the Parameter ${Name} expression - during the Template to Config transformation. Optional. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template_instance.py b/library/openshift_v1_template_instance.py deleted file mode 100644 index f87a3c3f..00000000 --- a/library/openshift_v1_template_instance.py +++ /dev/null @@ -1,263 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template_instance -short_description: OpenShift TemplateInstance -description: -- Manage the lifecycle of a template_instance object. Supports check mode, and attempts - to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - spec_requester_extra: - description: - - extra holds additional information provided by the authenticator. - aliases: - - requester_extra - type: dict - spec_requester_groups: - description: - - groups represent the groups this user is a part of. - aliases: - - requester_groups - type: list - spec_requester_uid: - description: - - uid is a unique value that identifies this user across time; if this user is - deleted and another user by the same name is added, they will have different - UIDs. - aliases: - - requester_uid - spec_requester_username: - description: - - username uniquely identifies this user among all active users. - aliases: - - requester_username - spec_secret_name: - description: - - Name of the referent. - aliases: - - secret_name - spec_template_api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - aliases: - - api_version - spec_template_kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - aliases: - - kind - spec_template_labels: - description: - - labels is a optional set of labels that are applied to every object during the - Template to Config transformation. - type: dict - spec_template_message: - description: - - message is an optional instructional message that will be displayed when this - template is instantiated. This field should inform the user how to utilize the - newly created resources. Parameter substitution will be performed on the message - before being displayed so that generated credentials and other parameters can - be included in the output. - aliases: - - message - spec_template_metadata_annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - spec_template_metadata_labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - spec_template_metadata_name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - spec_template_metadata_namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - spec_template_objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, the - resolved value after parameter substitution will be respected and the object - will be created in that namespace. - aliases: - - objects - type: list - spec_template_parameters: - description: - - parameters is an optional array of Parameters used during the Template to Config - transformation. - aliases: - - parameters - type: list - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template_instance: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the desired state of this TemplateInstance. - type: complex - status: - description: - - status describes the current state of this TemplateInstance. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template_instance', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template_instance_list.py b/library/openshift_v1_template_instance_list.py deleted file mode 100644 index 28a7f136..00000000 --- a/library/openshift_v1_template_instance_list.py +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template_instance_list -short_description: OpenShift TemplateInstanceList -description: -- Retrieve a list of template_instances. List operations provide a snapshot read of - the underlying objects, returning a resource_version representing a consistent version - of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template_instance_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - items is a list of Templateinstances - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex - spec: - description: - - spec describes the desired state of this TemplateInstance. - type: complex - status: - description: - - status describes the current state of this TemplateInstance. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template_instance_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_template_list.py b/library/openshift_v1_template_list.py deleted file mode 100644 index 117b383f..00000000 --- a/library/openshift_v1_template_list.py +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_template_list -short_description: OpenShift TemplateList -description: -- Retrieve a list of templates. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -template_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of templates - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - labels: - description: - - labels is a optional set of labels that are applied to every object during - the Template to Config transformation. - type: complex - contains: str, str - message: - description: - - message is an optional instructional message that will be displayed when - this template is instantiated. This field should inform the user how to - utilize the newly created resources. Parameter substitution will be performed - on the message before being displayed so that generated credentials and - other parameters can be included in the output. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - objects: - description: - - objects is an array of resources to include in this template. If a namespace - value is hardcoded in the object, it will be removed during template instantiation, - however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, - the resolved value after parameter substitution will be respected and - the object will be created in that namespace. - type: list - contains: - raw: - description: - - Raw is the underlying serialization of this object. - type: str - parameters: - description: - - parameters is an optional array of Parameters used during the Template - to Config transformation. - type: list - contains: - from: - description: - - From is an input value for the generator. Optional. - type: str - description: - description: - - Description of a parameter. Optional. - type: str - display_name: - description: - - "Optional: The name that will show in UI instead of parameter 'Name'" - type: str - generate: - description: - - 'generate specifies the generator to be used to generate random string - from an input value specified by From field. The result string is - stored into Value field. If empty, no generator is being used, leaving - the result Value untouched. Optional. The only supported generator - is "expression", which accepts a "from" value in the form of a simple - regular expression containing the range expression "[a-zA-Z0-9]", - and the length expression "a{length}". Examples: from | value ----------------------------- - "test[0-9]{1}x" | "test7x" "[0-1]{8}" | "01001100" "0x[A-F0-9]{4}" - | "0xB3AF" "[a-zA-Z0-9]{8}" | "hW4yQU5i"' - type: str - name: - description: - - Name must be set and it can be referenced in Template Items using - ${PARAMETER_NAME}. Required. - type: str - required: - description: - - 'Optional: Indicates the parameter must have a value. Defaults to - false.' - type: bool - value: - description: - - Value holds the Parameter data. If specified, the generator will be - ignored. The value replaces all occurrences of the Parameter ${Name} - expression during the Template to Config transformation. Optional. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('template_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_user.py b/library/openshift_v1_user.py deleted file mode 100644 index b95eac40..00000000 --- a/library/openshift_v1_user.py +++ /dev/null @@ -1,187 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_user -short_description: OpenShift User -description: -- Manage the lifecycle of a user object. Supports check mode, and attempts to to be - idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - full_name: - description: - - FullName is the full name of user - groups: - description: - - Groups specifies group names this user is a member of. This field is deprecated - and will be removed in a future release. Instead, create a Group object containing - the name of this User. - type: list - host: - description: - - Provide a URL for acessing the Kubernetes API. - identities: - description: - - Identities are the identities associated with this user - type: list - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -user: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - full_name: - description: - - FullName is the full name of user - type: str - groups: - description: - - Groups specifies group names this user is a member of. This field is deprecated - and will be removed in a future release. Instead, create a Group object containing - the name of this User. - type: list - contains: str - identities: - description: - - Identities are the identities associated with this user - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('user', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_user_identity_mapping.py b/library/openshift_v1_user_identity_mapping.py deleted file mode 100644 index 5760b8cf..00000000 --- a/library/openshift_v1_user_identity_mapping.py +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_user_identity_mapping -short_description: OpenShift UserIdentityMapping -description: -- Manage the lifecycle of a user_identity_mapping object. Supports check mode, and - attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - identity_api_version: - description: - - API version of the referent. - aliases: - - api_version - identity_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - identity_kind: - description: - - Kind of the referent. - aliases: - - kind - identity_name: - description: - - Name of the referent. - identity_namespace: - description: - - Namespace of the referent. - identity_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - identity_uid: - description: - - UID of the referent. - aliases: - - uid - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - user_api_version: - description: - - API version of the referent. - user_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - user_kind: - description: - - Kind of the referent. - user_name: - description: - - Name of the referent. - user_namespace: - description: - - Namespace of the referent. - user_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - user_uid: - description: - - UID of the referent. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -user_identity_mapping: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - identity: - description: - - Identity is a reference to an identity - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - user: - description: - - User is a reference to a user - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('user_identity_mapping', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1_user_list.py b/library/openshift_v1_user_list.py deleted file mode 100644 index 8750b710..00000000 --- a/library/openshift_v1_user_list.py +++ /dev/null @@ -1,173 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1_user_list -short_description: OpenShift UserList -description: -- Retrieve a list of users. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -user_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is the list of users - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - full_name: - description: - - FullName is the full name of user - type: str - groups: - description: - - Groups specifies group names this user is a member of. This field is deprecated - and will be removed in a future release. Instead, create a Group object - containing the name of this User. - type: list - contains: str - identities: - description: - - Identities are the identities associated with this user - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object's metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('user_list', 'v1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_event.py b/library/openshift_v1beta1_event.py deleted file mode 100644 index b5c1d409..00000000 --- a/library/openshift_v1beta1_event.py +++ /dev/null @@ -1,341 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_event -short_description: OpenShift Event -description: -- Manage the lifecycle of a event object. Supports check mode, and attempts to to - be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - action: - description: - - What action was taken/failed regarding to the regarding object. - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - deprecated_count: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: int - deprecated_first_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - deprecated_last_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - deprecated_source_component: - description: - - Component from which the event is generated. - aliases: - - component - deprecated_source_host: - description: - - Node name on which the event is generated. - event_time: - description: - - Required. Time when this Event was first observed. - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - note: - description: - - Optional. A human-readable description of the status of this operation. Maximal - length of the note is 1kB, but libraries should be prepared to handle values - up to 64kB. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - reason: - description: - - Why the action was taken. - regarding_api_version: - description: - - API version of the referent. - aliases: - - api_version - regarding_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - aliases: - - field_path - regarding_kind: - description: - - Kind of the referent. - aliases: - - kind - regarding_name: - description: - - Name of the referent. - regarding_namespace: - description: - - Namespace of the referent. - regarding_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - aliases: - - resource_version - regarding_uid: - description: - - UID of the referent. - aliases: - - uid - related_api_version: - description: - - API version of the referent. - related_field_path: - description: - - 'If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would - take on a value like: "spec.containers{name}" (where "name" refers to the name - of the container that triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of an object.' - related_kind: - description: - - Kind of the referent. - related_name: - description: - - Name of the referent. - related_namespace: - description: - - Namespace of the referent. - related_resource_version: - description: - - Specific resourceVersion to which this reference is made, if any. - related_uid: - description: - - UID of the referent. - reporting_controller: - description: - - Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - reporting_instance: - description: - - ID of the controller instance, e.g. `kubelet-xyzf`. - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - series_count: - description: - - Number of occurrences in this series up to the last heartbeat time - aliases: - - count - type: int - series_last_observed_time: - description: - - Time when last Event from the series was seen before last heartbeat. - aliases: - - last_observed_time - series_state: - description: - - Information whether this series is ongoing or finished. - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future. - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event: - type: complex - returned: when I(state) = C(present) - contains: - action: - description: - - What action was taken/failed regarding to the regarding object. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - deprecated_count: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: int - deprecated_first_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_last_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_source: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - event_time: - description: - - Required. Time when this Event was first observed. - type: complex - contains: {} - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - note: - description: - - Optional. A human-readable description of the status of this operation. Maximal - length of the note is 1kB, but libraries should be prepared to handle values - up to 64kB. - type: str - reason: - description: - - Why the action was taken. - type: str - regarding: - description: - - The object this Event is about. In most cases it's an Object reporting controller - implements. E.g. ReplicaSetController implements ReplicaSets and this event - is emitted because it acts on some changes in a ReplicaSet object. - type: complex - related: - description: - - Optional secondary object for more complex actions. E.g. when regarding object - triggers a creation or deletion of related object. - type: complex - reporting_controller: - description: - - Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - type: str - reporting_instance: - description: - - ID of the controller instance, e.g. `kubelet-xyzf`. - type: str - series: - description: - - Data about the Event series this event represents or nil if it's a singleton - Event. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the future. - type: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('event', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_event_list.py b/library/openshift_v1beta1_event_list.py deleted file mode 100644 index fb56a6e1..00000000 --- a/library/openshift_v1beta1_event_list.py +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_event_list -short_description: OpenShift EventList -description: -- Retrieve a list of events. List operations provide a snapshot read of the underlying - objects, returning a resource_version representing a consistent version of the listed - objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -event_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - Items is a list of schema objects. - type: list - contains: - action: - description: - - What action was taken/failed regarding to the regarding object. - type: str - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - deprecated_count: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: int - deprecated_first_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_last_timestamp: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - contains: {} - deprecated_source: - description: - - Deprecated field assuring backward compatibility with core.v1 Event type - type: complex - event_time: - description: - - Required. Time when this Event was first observed. - type: complex - contains: {} - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: [] - type: complex - note: - description: - - Optional. A human-readable description of the status of this operation. - Maximal length of the note is 1kB, but libraries should be prepared to - handle values up to 64kB. - type: str - reason: - description: - - Why the action was taken. - type: str - regarding: - description: - - The object this Event is about. In most cases it's an Object reporting - controller implements. E.g. ReplicaSetController implements ReplicaSets - and this event is emitted because it acts on some changes in a ReplicaSet - object. - type: complex - related: - description: - - Optional secondary object for more complex actions. E.g. when regarding - object triggers a creation or deletion of related object. - type: complex - reporting_controller: - description: - - Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - type: str - reporting_instance: - description: - - ID of the controller instance, e.g. `kubelet-xyzf`. - type: str - series: - description: - - Data about the Event series this event represents or nil if it's a singleton - Event. - type: complex - type: - description: - - Type of this event (Normal, Warning), new types could be added in the - future. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('event_list', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_mutating_webhook_configuration.py b/library/openshift_v1beta1_mutating_webhook_configuration.py deleted file mode 100644 index cf130183..00000000 --- a/library/openshift_v1beta1_mutating_webhook_configuration.py +++ /dev/null @@ -1,238 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_mutating_webhook_configuration -short_description: OpenShift MutatingWebhookConfiguration -description: -- Manage the lifecycle of a mutating_webhook_configuration object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -mutating_webhook_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, e.g., - imagepolicy.kubernetes.io, where "imagepolicy" is the name of the webhook, - and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object based - on whether the namespace for that object matches the selector. If the - object itself is a namespace, the matching is performed on object.metadata.labels. - If the object is other cluster scoped resource, it is not subjected to - the webhook. For example, to run the webhook on any objects whose namespace - is not associated with "runlevel" of "0" or "1"; you will set the selector - as follows: "namespaceSelector": { "matchExpressions": [ { "key": "runlevel", - "operator": "NotIn", "values": [ "0", "1" ] } ] } If instead you want - to only run the webhook on any objects whose namespace is associated with - the "environment" of "prod" or "staging"; you will set the selector as - follows: "namespaceSelector": { "matchExpressions": [ { "key": "environment", - "operator": "In", "values": [ "prod", "staging" ] } ] } See for more examples - of label selectors. Default to the empty LabelSelector, which matches - everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the webhook - cares about. The webhook cares about an operation if it matches _any_ - Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - CREATE, - UPDATE, or * for all operations. If '*' is present, the length of - the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('mutating_webhook_configuration', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_mutating_webhook_configuration_list.py b/library/openshift_v1beta1_mutating_webhook_configuration_list.py deleted file mode 100644 index 6b3279bc..00000000 --- a/library/openshift_v1beta1_mutating_webhook_configuration_list.py +++ /dev/null @@ -1,234 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_mutating_webhook_configuration_list -short_description: OpenShift MutatingWebhookConfigurationList -description: -- Retrieve a list of mutating_webhook_configurations. List operations provide a snapshot - read of the underlying objects, returning a resource_version representing a consistent - version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -mutating_webhook_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of MutatingWebhookConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of - the webhook, and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object - based on whether the namespace for that object matches the selector. - If the object itself is a namespace, the matching is performed on - object.metadata.labels. If the object is other cluster scoped resource, - it is not subjected to the webhook. For example, to run the webhook - on any objects whose namespace is not associated with "runlevel" of - "0" or "1"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "runlevel", "operator": "NotIn", - "values": [ "0", "1" ] } ] } If instead you want to only run the webhook - on any objects whose namespace is associated with the "environment" - of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "environment", "operator": "In", - "values": [ "prod", "staging" ] } ] } See for more examples of label - selectors. Default to the empty LabelSelector, which matches everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the - webhook cares about. The webhook cares about an operation if it matches - _any_ Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - - CREATE, UPDATE, or * for all operations. If '*' is present, the - length of the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('mutating_webhook_configuration_list', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_validating_webhook_configuration.py b/library/openshift_v1beta1_validating_webhook_configuration.py deleted file mode 100644 index 7bd1fdfc..00000000 --- a/library/openshift_v1beta1_validating_webhook_configuration.py +++ /dev/null @@ -1,238 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_validating_webhook_configuration -short_description: OpenShift ValidatingWebhookConfiguration -description: -- Manage the lifecycle of a validating_webhook_configuration object. Supports check - mode, and attempts to to be idempotent. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - annotations: - description: - - Annotations is an unstructured key value map stored with a resource that may - be set by external tools to store and retrieve arbitrary metadata. They are - not queryable and should be preserved when modifying objects. - type: dict - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - labels: - description: - - Map of string keys and values that can be used to organize and categorize (scope - and select) objects. May match selectors of replication controllers and services. - type: dict - name: - description: - - Name must be unique within a namespace. Is required when creating resources, - although some resources may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation idempotence and - configuration definition. Cannot be updated. - namespace: - description: - - Namespace defines the space within each name must be unique. An empty namespace - is equivalent to the "default" namespace, but "default" is the canonical representation. - Not all objects are required to be scoped to a namespace - the value of this - field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -validating_webhook_configuration: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, e.g., - imagepolicy.kubernetes.io, where "imagepolicy" is the name of the webhook, - and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object based - on whether the namespace for that object matches the selector. If the - object itself is a namespace, the matching is performed on object.metadata.labels. - If the object is other cluster scoped resource, it is not subjected to - the webhook. For example, to run the webhook on any objects whose namespace - is not associated with "runlevel" of "0" or "1"; you will set the selector - as follows: "namespaceSelector": { "matchExpressions": [ { "key": "runlevel", - "operator": "NotIn", "values": [ "0", "1" ] } ] } If instead you want - to only run the webhook on any objects whose namespace is associated with - the "environment" of "prod" or "staging"; you will set the selector as - follows: "namespaceSelector": { "matchExpressions": [ { "key": "environment", - "operator": "In", "values": [ "prod", "staging" ] } ] } See for more examples - of label selectors. Default to the empty LabelSelector, which matches - everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the webhook - cares about. The webhook cares about an operation if it matches _any_ - Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all groups. - If '*' is present, the length of the slice must be one. Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is all - versions. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - CREATE, - UPDATE, or * for all operations. If '*' is present, the length of - the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means all\ - \ subresources of pods. '*/scale' means all scale subresources. '*/*'\ - \ means all resources and their subresources. If wildcard is present,\ - \ the validation rule will ensure resources do not overlap with each\ - \ other. Depending on the enclosing object, subresources might not\ - \ be allowed. Required." - type: list - contains: str -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('validating_webhook_configuration', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/library/openshift_v1beta1_validating_webhook_configuration_list.py b/library/openshift_v1beta1_validating_webhook_configuration_list.py deleted file mode 100644 index 583599ae..00000000 --- a/library/openshift_v1beta1_validating_webhook_configuration_list.py +++ /dev/null @@ -1,234 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -from ansible.module_utils.openshift_common import OpenShiftAnsibleModule, OpenShiftAnsibleException - -DOCUMENTATION = ''' -module: openshift_v1beta1_validating_webhook_configuration_list -short_description: OpenShift ValidatingWebhookConfigurationList -description: -- Retrieve a list of validating_webhook_configurations. List operations provide a - snapshot read of the underlying objects, returning a resource_version representing - a consistent version of the listed objects. -version_added: 2.3.0 -author: OpenShift (@openshift) -options: - api_key: - description: - - Token used to connect to the API. - cert_file: - description: - - Path to a certificate used to authenticate with the API. - type: path - context: - description: - - The name of a context found in the Kubernetes config file. - debug: - description: - - Enable debug output from the OpenShift helper. Logging info is written to KubeObjHelper.log - default: false - type: bool - force: - description: - - If set to C(True), and I(state) is C(present), an existing object will updated, - and lists will be replaced, rather than merged. - default: false - type: bool - host: - description: - - Provide a URL for acessing the Kubernetes API. - key_file: - description: - - Path to a key file used to authenticate with the API. - type: path - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the openshift client will attempt to load the default - configuration file from I(~/.kube/config.json). - type: path - password: - description: - - Provide a password for connecting to the API. Use in conjunction with I(username). - resource_definition: - description: - - Provide the YAML definition for the object, bypassing any modules parameters - intended to define object attributes. - type: dict - src: - description: - - Provide a path to a file containing the YAML definition of the object. Mutually - exclusive with I(resource_definition). - type: path - ssl_ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. - type: path - state: - description: - - Determines if an object should be created, patched, or deleted. When set to - C(present), the object will be created, if it does not exist, or patched, if - parameter values differ from the existing object's attributes, and deleted, - if set to C(absent). A patch operation results in merging lists and updating - dictionaries, with lists being merged into a unique set of values. If a list - contains a dictionary with a I(name) or I(type) attribute, a strategic merge - is performed, where individual elements with a matching I(name_) or I(type) - are merged. To force the replacement of lists, set the I(force) option to C(True). - default: present - choices: - - present - - absent - username: - description: - - Provide a username for connecting to the API. - verify_ssl: - description: - - Whether or not to verify the API server's SSL certificates. - type: bool -requirements: -- openshift == 0.4.0.a1 -''' - -EXAMPLES = ''' -''' - -RETURN = ''' -api_version: - description: Requested API version - type: string -validating_webhook_configuration_list: - type: complex - returned: when I(state) = C(present) - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - type: str - items: - description: - - List of ValidatingWebhookConfiguration. - type: list - contains: - api_version: - description: - - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, - and may reject unrecognized values. - type: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - type: str - metadata: - description: - - Standard object metadata; - type: complex - webhooks: - description: - - Webhooks is a list of webhooks and the affected resources and operations. - type: list - contains: - client_config: - description: - - ClientConfig defines how to communicate with the hook. Required - type: complex - failure_policy: - description: - - FailurePolicy defines how unrecognized errors from the admission endpoint - are handled - allowed values are Ignore or Fail. Defaults to Ignore. - type: str - name: - description: - - The name of the admission webhook. Name should be fully qualified, - e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of - the webhook, and kubernetes.io is the name of the organization. Required. - type: str - namespace_selector: - description: - - 'NamespaceSelector decides whether to run the webhook on an object - based on whether the namespace for that object matches the selector. - If the object itself is a namespace, the matching is performed on - object.metadata.labels. If the object is other cluster scoped resource, - it is not subjected to the webhook. For example, to run the webhook - on any objects whose namespace is not associated with "runlevel" of - "0" or "1"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "runlevel", "operator": "NotIn", - "values": [ "0", "1" ] } ] } If instead you want to only run the webhook - on any objects whose namespace is associated with the "environment" - of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": - { "matchExpressions": [ { "key": "environment", "operator": "In", - "values": [ "prod", "staging" ] } ] } See for more examples of label - selectors. Default to the empty LabelSelector, which matches everything.' - type: complex - rules: - description: - - Rules describes what operations on what resources/subresources the - webhook cares about. The webhook cares about an operation if it matches - _any_ Rule. - type: list - contains: - api_groups: - description: - - APIGroups is the API groups the resources belong to. '*' is all - groups. If '*' is present, the length of the slice must be one. - Required. - type: list - contains: str - api_versions: - description: - - APIVersions is the API versions the resources belong to. '*' is - all versions. If '*' is present, the length of the slice must - be one. Required. - type: list - contains: str - operations: - description: - - Operations is the operations the admission hook cares about - - CREATE, UPDATE, or * for all operations. If '*' is present, the - length of the slice must be one. Required. - type: list - contains: str - resources: - description: - - "Resources is a list of resources this rule applies to. For example:\ - \ 'pods' means pods. 'pods/log' means the log subresource of pods.\ - \ '*' means all resources, but not subresources. 'pods/*' means\ - \ all subresources of pods. '*/scale' means all scale subresources.\ - \ '*/*' means all resources and their subresources. If wildcard\ - \ is present, the validation rule will ensure resources do not\ - \ overlap with each other. Depending on the enclosing object,\ - \ subresources might not be allowed. Required." - type: list - contains: str - kind: - description: - - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. - type: str - metadata: - description: - - Standard list metadata. - type: complex -''' - - -def main(): - try: - module = OpenShiftAnsibleModule('validating_webhook_configuration_list', 'v1beta1') - except OpenShiftAnsibleException as exc: - # The helper failed to init, so there is no module object. All we can do is raise the error. - raise Exception(exc.message) - - try: - module.execute_module() - except OpenShiftAnsibleException as exc: - module.fail_json(msg="Module failed!", error=str(exc)) - - -if __name__ == '__main__': - main() diff --git a/meta/main.yml b/meta/main.yml deleted file mode 100644 index 8f509dd8..00000000 --- a/meta/main.yml +++ /dev/null @@ -1,52 +0,0 @@ -galaxy_info: - author: Ansible - description: Pre-release Kubernetes modules - company: Ansible by Red Hat - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - issue_tracker_url: https://github.com/openshift/openshift-restclient-python/issues - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: Apache V2 - - min_ansible_version: 2.3 - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If travis integration is cofigured, only notification for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Below are all platforms currently available. Just uncomment - # the ones that apply to your role. If you don't see your - # platform on this list, let us know and we'll get it added! - # - platforms: - - name: Fedora - versions: - - all - - name: Ubuntu - versions: - - all - - name: EL - versions: - - all - - galaxy_tags: - - k8s - - kubernetes - - openshift - - modules - - api - -dependencies: [] diff --git a/module_utils/README.md b/module_utils/README.md deleted file mode 100644 index 9847c7f1..00000000 --- a/module_utils/README.md +++ /dev/null @@ -1,3 +0,0 @@ -The `k8_common.py` and `openshift_common.py` modules are not currently available in an official release of Ansible. They are part of Ansible, as you'll find them in the `devel` branch. At some point they will make it into an official release. Until then, they're included here for convenience. - -If you have uncovered a problem, or would like to make a change, please open an issue and submit pull requess at the [Ansible repo](https://github.com/ansible/ansible). diff --git a/module_utils/k8s_common.py b/module_utils/k8s_common.py deleted file mode 100644 index 06716e43..00000000 --- a/module_utils/k8s_common.py +++ /dev/null @@ -1,313 +0,0 @@ -# -# Copyright 2017 Red Hat | Ansible -# -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . - -import copy -import json -import os - -from ansible.module_utils.basic import AnsibleModule - -try: - from openshift.helper.ansible import KubernetesAnsibleModuleHelper, ARG_ATTRIBUTES_BLACKLIST - from openshift.helper.exceptions import KubernetesException - HAS_K8S_MODULE_HELPER = True -except ImportError as exc: - HAS_K8S_MODULE_HELPER = False - -try: - import yaml - HAS_YAML = True -except ImportError: - HAS_YAML = False - - -class KubernetesAnsibleException(Exception): - pass - - -class KubernetesAnsibleModule(AnsibleModule): - @staticmethod - def get_helper(api_version, kind): - return KubernetesAnsibleModuleHelper(api_version, kind) - - def __init__(self, kind, api_version): - self.api_version = api_version - self.kind = kind - self.argspec_cache = None - - if not HAS_K8S_MODULE_HELPER: - raise KubernetesAnsibleException( - "This module requires the OpenShift Python client. Try `pip install openshift`" - ) - - if not HAS_YAML: - raise KubernetesAnsibleException( - "This module requires PyYAML. Try `pip install PyYAML`" - ) - - try: - self.helper = self.get_helper(api_version, kind) - except Exception as exc: - raise KubernetesAnsibleException( - "Error initializing AnsibleModuleHelper: {}".format(exc) - ) - - mutually_exclusive = ( - ('resource_definition', 'src'), - ) - - AnsibleModule.__init__(self, - argument_spec=self.argspec, - supports_check_mode=True, - mutually_exclusive=mutually_exclusive) - - @property - def argspec(self): - """ - Build the module argument spec from the helper.argspec, removing any extra attributes not needed by - Ansible. - - :return: dict: a valid Ansible argument spec - """ - if not self.argspec_cache: - spec = { - 'dry_run': { - 'type': 'bool', - 'default': False, - 'description': [ - "If set to C(True) the module will exit without executing any action." - "Useful to only generate YAML file definitions for the resources in the tasks." - ] - } - } - - for arg_name, arg_properties in self.helper.argspec.items(): - spec[arg_name] = {} - for option, option_value in arg_properties.items(): - if option not in ARG_ATTRIBUTES_BLACKLIST: - if option == 'choices': - if isinstance(option_value, dict): - spec[arg_name]['choices'] = [value for key, value in option_value.items()] - else: - spec[arg_name]['choices'] = option_value - else: - spec[arg_name][option] = option_value - - self.argspec_cache = spec - return self.argspec_cache - - def execute_module(self): - """ - Performs basic CRUD operations on the model object. Ends by calling - AnsibleModule.fail_json(), if an error is encountered, otherwise - AnsibleModule.exit_json() with a dict containing: - changed: boolean - api_version: the API version - : a dict representing the object's state - :return: None - """ - - if self.params.get('debug'): - self.helper.enable_debug(reset_logfile=False) - self.helper.log_argspec() - - resource_definition = self.params.get('resource_definition') - if self.params.get('src'): - resource_definition = self.load_resource_definition(self.params['src']) - if resource_definition: - resource_params = self.resource_to_parameters(resource_definition) - self.params.update(resource_params) - - state = self.params.get('state', None) - force = self.params.get('force', False) - dry_run = self.params.pop('dry_run', False) - name = self.params.get('name') - namespace = self.params.get('namespace', None) - existing = None - - return_attributes = dict(changed=False, - api_version=self.api_version, - request=self.helper.request_body_from_params(self.params)) - return_attributes[self.helper.base_model_name_snake] = {} - - if dry_run: - self.exit_json(**return_attributes) - - try: - auth_options = {} - for key, value in self.helper.argspec.items(): - if value.get('auth_option') and self.params.get(key) is not None: - auth_options[key] = self.params[key] - self.helper.set_client_config(**auth_options) - except KubernetesException as e: - self.fail_json(msg='Error loading config', error=str(e)) - - if state is None: - # This is a list, rollback or ? module with no 'state' param - if self.helper.base_model_name_snake.endswith('list'): - # For list modules, execute a GET, and exit - k8s_obj = self._read(name, namespace) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - self.exit_json(**return_attributes) - elif self.helper.has_method('create'): - # For a rollback, execute a POST, and exit - k8s_obj = self._create(namespace) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - else: - self.fail_json(msg="Missing state parameter. Expected one of: present, absent") - - # CRUD modules - try: - existing = self.helper.get_object(name, namespace) - except KubernetesException as exc: - self.fail_json(msg='Failed to retrieve requested object: {}'.format(exc.message), - error=exc.value.get('status')) - - if state == 'absent': - if not existing: - # The object already does not exist - self.exit_json(**return_attributes) - else: - # Delete the object - if not self.check_mode: - try: - self.helper.delete_object(name, namespace) - except KubernetesException as exc: - self.fail_json(msg="Failed to delete object: {}".format(exc.message), - error=exc.value.get('status')) - return_attributes['changed'] = True - self.exit_json(**return_attributes) - else: - if not existing: - k8s_obj = self._create(namespace) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - - if existing and force: - k8s_obj = None - request_body = self.helper.request_body_from_params(self.params) - if not self.check_mode: - try: - k8s_obj = self.helper.replace_object(name, namespace, body=request_body) - except KubernetesException as exc: - self.fail_json(msg="Failed to replace object: {}".format(exc.message), - error=exc.value.get('status')) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - - # Check if existing object should be patched - k8s_obj = copy.deepcopy(existing) - try: - self.helper.object_from_params(self.params, obj=k8s_obj) - except KubernetesException as exc: - self.fail_json(msg="Failed to patch object: {}".format(exc.message)) - match, diff = self.helper.objects_match(existing, k8s_obj) - if match: - return_attributes[self.kind] = existing.to_dict() - self.exit_json(**return_attributes) - else: - self.helper.log('Existing:') - self.helper.log(existing.to_str()) - self.helper.log('\nDifferences:') - self.helper.log(json.dumps(diff, indent=4)) - # Differences exist between the existing obj and requested params - if not self.check_mode: - try: - k8s_obj = self.helper.patch_object(name, namespace, k8s_obj) - except KubernetesException as exc: - self.fail_json(msg="Failed to patch object: {}".format(exc.message)) - return_attributes[self.kind] = k8s_obj.to_dict() if k8s_obj else {} - return_attributes['changed'] = True - self.exit_json(**return_attributes) - - def _create(self, namespace): - request_body = None - k8s_obj = None - try: - request_body = self.helper.request_body_from_params(self.params) - except KubernetesException as exc: - self.fail_json(msg="Failed to create object: {}".format(exc.message)) - if not self.check_mode: - try: - k8s_obj = self.helper.create_object(namespace, body=request_body) - except KubernetesException as exc: - self.fail_json(msg="Failed to create object: {}".format(exc.message), - error=exc.value.get('status')) - return k8s_obj - - def _read(self, name, namespace): - k8s_obj = None - try: - k8s_obj = self.helper.get_object(name, namespace) - except KubernetesException as exc: - self.fail_json(msg='Failed to retrieve requested object', - error=exc.value.get('status')) - return k8s_obj - - def load_resource_definition(self, src): - """ Load the requested src path """ - result = None - path = os.path.normpath(src) - self.helper.log("Reading definition from {}".format(path)) - if not os.path.exists(path): - self.fail_json(msg="Error accessing {}. Does the file exist?".format(path)) - try: - result = yaml.safe_load(open(path, 'r')) - except (IOError, yaml.YAMLError) as exc: - self.fail_json(msg="Error loading resource_definition: {}".format(exc)) - return result - - def resource_to_parameters(self, resource): - """ Converts a resource definition to module parameters """ - parameters = {} - for key, value in resource.items(): - if key in ('apiVersion', 'kind', 'status'): - continue - elif key == 'metadata' and isinstance(value, dict): - for meta_key, meta_value in value.items(): - if meta_key in ('name', 'namespace', 'labels', 'annotations'): - parameters[meta_key] = meta_value - elif key in self.helper.argspec and value is not None: - parameters[key] = value - elif isinstance(value, dict): - self._add_parameter(value, [key], parameters) - self.helper.log("Request to parameters: {}".format(json.dumps(parameters))) - return parameters - - def _add_parameter(self, request, path, parameters): - for key, value in request.items(): - if path: - param_name = '_'.join(path + [self.helper.attribute_to_snake(key)]) - else: - param_name = self.helper.attribute_to_snake(key) - if param_name in self.helper.argspec and value is not None: - parameters[param_name] = value - elif isinstance(value, dict): - continue_path = copy.copy(path) if path else [] - continue_path.append(self.helper.attribute_to_snake(key)) - self._add_parameter(value, continue_path, parameters) - else: - self.fail_json( - msg=("Error parsing resource definition. Encountered {}, which does not map to a module " - "parameter. If this looks like a problem with the module, please open an issue at " - "github.com/openshift/openshift-restclient-python/issues").format(param_name) - ) diff --git a/module_utils/openshift_common.py b/module_utils/openshift_common.py deleted file mode 100644 index 7b20f2b5..00000000 --- a/module_utils/openshift_common.py +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright 2017 Red Hat | Ansible -# -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . - -from ansible.module_utils.k8s_common import KubernetesAnsibleException, KubernetesAnsibleModule - -try: - from openshift.helper.ansible import OpenShiftAnsibleModuleHelper, ARG_ATTRIBUTES_BLACKLIST - from openshift.helper.exceptions import KubernetesException, OpenShiftException - HAS_OPENSHIFT_HELPER = True -except ImportError as exc: - HAS_OPENSHIFT_HELPER = False - - -class OpenShiftAnsibleException(KubernetesAnsibleException): - pass - - -class OpenShiftAnsibleModule(KubernetesAnsibleModule): - def __init__(self, kind, api_version): - if not HAS_OPENSHIFT_HELPER: - raise OpenShiftAnsibleException( - "This module requires the OpenShift Python client. Try `pip install openshift`" - ) - - try: - super(OpenShiftAnsibleModule, self).__init__(kind, api_version) - except KubernetesAnsibleException as exc: - raise OpenShiftAnsibleException(exc.args) - - @staticmethod - def get_helper(api_version, kind): - return OpenShiftAnsibleModuleHelper(api_version, kind) - - def _create(self, namespace): - if self.kind.lower() == 'project': - return self._create_project() - else: - return super(OpenShiftAnsibleModule, self)._create(namespace) - - def _create_project(self): - new_obj = None - k8s_obj = None - try: - new_obj = self.helper.object_from_params(self.params) - except KubernetesException as exc: - self.fail_json(msg="Failed to create object: {}".format(exc.message)) - try: - k8s_obj = self.helper.create_project(metadata=new_obj.metadata, - display_name=self.params.get('display_name'), - description=self.params.get('description')) - except KubernetesException as exc: - self.fail_json(msg='Failed to retrieve requested object', - error=exc.value.get('status')) - return k8s_obj diff --git a/plugins/connection/kubectl.py b/plugins/connection/kubectl.py new file mode 100644 index 00000000..d8a0fcf6 --- /dev/null +++ b/plugins/connection/kubectl.py @@ -0,0 +1,356 @@ +# Based on the docker connection plugin +# +# Connection plugin for configuring kubernetes containers with kubectl +# (c) 2017, XuXinkun +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = """ + author: + - xuxinkun + + connection: kubectl + + short_description: Execute tasks in pods running on Kubernetes. + + description: + - Use the kubectl exec command to run tasks in, or put/fetch files to, pods running on the Kubernetes + container platform. + + version_added: "2.5" + + requirements: + - kubectl (go binary) + + options: + kubectl_pod: + description: + - Pod name. Required when the host name does not match pod name. + default: '' + vars: + - name: ansible_kubectl_pod + env: + - name: K8S_AUTH_POD + kubectl_container: + description: + - Container name. Required when a pod contains more than one container. + default: '' + vars: + - name: ansible_kubectl_container + env: + - name: K8S_AUTH_CONTAINER + kubectl_namespace: + description: + - The namespace of the pod + default: '' + vars: + - name: ansible_kubectl_namespace + env: + - name: K8S_AUTH_NAMESPACE + kubectl_extra_args: + description: + - Extra arguments to pass to the kubectl command line. + default: '' + vars: + - name: ansible_kubectl_extra_args + env: + - name: K8S_AUTH_EXTRA_ARGS + kubectl_kubeconfig: + description: + - Path to a kubectl config file. Defaults to I(~/.kube/config) + default: '' + vars: + - name: ansible_kubectl_kubeconfig + - name: ansible_kubectl_config + env: + - name: K8S_AUTH_KUBECONFIG + kubectl_context: + description: + - The name of a context found in the K8s config file. + default: '' + vars: + - name: ansible_kubectl_context + env: + - name: k8S_AUTH_CONTEXT + kubectl_host: + description: + - URL for accessing the API. + default: '' + vars: + - name: ansible_kubectl_host + - name: ansible_kubectl_server + env: + - name: K8S_AUTH_HOST + - name: K8S_AUTH_SERVER + kubectl_username: + description: + - Provide a username for authenticating with the API. + default: '' + vars: + - name: ansible_kubectl_username + - name: ansible_kubectl_user + env: + - name: K8S_AUTH_USERNAME + kubectl_password: + description: + - Provide a password for authenticating with the API. + default: '' + vars: + - name: ansible_kubectl_password + env: + - name: K8S_AUTH_PASSWORD + kubectl_token: + description: + - API authentication bearer token. + vars: + - name: ansible_kubectl_token + - name: ansible_kubectl_api_key + env: + - name: K8S_AUTH_TOKEN + - name: K8S_AUTH_API_KEY + client_cert: + description: + - Path to a certificate used to authenticate with the API. + default: '' + vars: + - name: ansible_kubectl_cert_file + - name: ansible_kubectl_client_cert + env: + - name: K8S_AUTH_CERT_FILE + aliases: [ kubectl_cert_file ] + client_key: + description: + - Path to a key file used to authenticate with the API. + default: '' + vars: + - name: ansible_kubectl_key_file + - name: ansible_kubectl_client_key + env: + - name: K8S_AUTH_KEY_FILE + aliases: [ kubectl_key_file ] + ca_cert: + description: + - Path to a CA certificate used to authenticate with the API. + default: '' + vars: + - name: ansible_kubectl_ssl_ca_cert + - name: ansible_kubectl_ca_cert + env: + - name: K8S_AUTH_SSL_CA_CERT + aliases: [ kubectl_ssl_ca_cert ] + validate_certs: + description: + - Whether or not to verify the API server's SSL certificate. Defaults to I(true). + default: '' + vars: + - name: ansible_kubectl_verify_ssl + - name: ansible_kubectl_validate_certs + env: + - name: K8S_AUTH_VERIFY_SSL + aliases: [ kubectl_verify_ssl ] +""" + +import distutils.spawn +import os +import os.path +import subprocess + +import ansible.constants as C +from ansible.parsing.yaml.loader import AnsibleLoader +from ansible.errors import AnsibleError, AnsibleFileNotFound +from ansible.module_utils.six.moves import shlex_quote +from ansible.module_utils._text import to_bytes +from ansible.plugins.connection import ConnectionBase, BUFSIZE +from ansible.utils.display import Display + +display = Display() + + +CONNECTION_TRANSPORT = 'kubectl' + +CONNECTION_OPTIONS = { + 'kubectl_container': '-c', + 'kubectl_namespace': '-n', + 'kubectl_kubeconfig': '--kubeconfig', + 'kubectl_context': '--context', + 'kubectl_host': '--server', + 'kubectl_username': '--username', + 'kubectl_password': '--password', + 'client_cert': '--client-certificate', + 'client_key': '--client-key', + 'ca_cert': '--certificate-authority', + 'validate_certs': '--insecure-skip-tls-verify', + 'kubectl_token': '--token' +} + + +class Connection(ConnectionBase): + ''' Local kubectl based connections ''' + + transport = CONNECTION_TRANSPORT + connection_options = CONNECTION_OPTIONS + documentation = DOCUMENTATION + has_pipelining = True + transport_cmd = None + + def __init__(self, play_context, new_stdin, *args, **kwargs): + super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs) + + # Note: kubectl runs commands as the user that started the container. + # It is impossible to set the remote user for a kubectl connection. + cmd_arg = '{0}_command'.format(self.transport) + if cmd_arg in kwargs: + self.transport_cmd = kwargs[cmd_arg] + else: + self.transport_cmd = distutils.spawn.find_executable(self.transport) + if not self.transport_cmd: + raise AnsibleError("{0} command not found in PATH".format(self.transport)) + + def _build_exec_cmd(self, cmd): + """ Build the local kubectl exec command to run cmd on remote_host + """ + local_cmd = [self.transport_cmd] + + # Build command options based on doc string + doc_yaml = AnsibleLoader(self.documentation).get_single_data() + for key in doc_yaml.get('options'): + if key.endswith('verify_ssl') and self.get_option(key) != '': + # Translate verify_ssl to skip_verify_ssl, and output as string + skip_verify_ssl = not self.get_option(key) + local_cmd.append(u'{0}={1}'.format(self.connection_options[key], str(skip_verify_ssl).lower())) + elif not key.endswith('container') and self.get_option(key) and self.connection_options.get(key): + cmd_arg = self.connection_options[key] + local_cmd += [cmd_arg, self.get_option(key)] + + extra_args_name = u'{0}_extra_args'.format(self.transport) + if self.get_option(extra_args_name): + local_cmd += self.get_option(extra_args_name).split(' ') + + pod = self.get_option(u'{0}_pod'.format(self.transport)) + if not pod: + pod = self._play_context.remote_addr + # -i is needed to keep stdin open which allows pipelining to work + local_cmd += ['exec', '-i', pod] + + # if the pod has more than one container, then container is required + container_arg_name = u'{0}_container'.format(self.transport) + if self.get_option(container_arg_name): + local_cmd += ['-c', self.get_option(container_arg_name)] + + local_cmd += ['--'] + cmd + + return local_cmd + + def _connect(self, port=None): + """ Connect to the container. Nothing to do """ + super(Connection, self)._connect() + if not self._connected: + display.vvv(u"ESTABLISH {0} CONNECTION".format(self.transport), host=self._play_context.remote_addr) + self._connected = True + + def exec_command(self, cmd, in_data=None, sudoable=False): + """ Run a command in the container """ + super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable) + + local_cmd = self._build_exec_cmd([self._play_context.executable, '-c', cmd]) + + display.vvv("EXEC %s" % (local_cmd,), host=self._play_context.remote_addr) + local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd] + p = subprocess.Popen(local_cmd, shell=False, stdin=subprocess.PIPE, + stdout=subprocess.PIPE, stderr=subprocess.PIPE) + + stdout, stderr = p.communicate(in_data) + return (p.returncode, stdout, stderr) + + def _prefix_login_path(self, remote_path): + ''' Make sure that we put files into a standard path + + If a path is relative, then we need to choose where to put it. + ssh chooses $HOME but we aren't guaranteed that a home dir will + exist in any given chroot. So for now we're choosing "/" instead. + This also happens to be the former default. + + Can revisit using $HOME instead if it's a problem + ''' + if not remote_path.startswith(os.path.sep): + remote_path = os.path.join(os.path.sep, remote_path) + return os.path.normpath(remote_path) + + def put_file(self, in_path, out_path): + """ Transfer a file from local to the container """ + super(Connection, self).put_file(in_path, out_path) + display.vvv("PUT %s TO %s" % (in_path, out_path), host=self._play_context.remote_addr) + + out_path = self._prefix_login_path(out_path) + if not os.path.exists(to_bytes(in_path, errors='surrogate_or_strict')): + raise AnsibleFileNotFound( + "file or module does not exist: %s" % in_path) + + out_path = shlex_quote(out_path) + # kubectl doesn't have native support for copying files into + # running containers, so we use kubectl exec to implement this + with open(to_bytes(in_path, errors='surrogate_or_strict'), 'rb') as in_file: + if not os.fstat(in_file.fileno()).st_size: + count = ' count=0' + else: + count = '' + args = self._build_exec_cmd([self._play_context.executable, "-c", "dd of=%s bs=%s%s" % (out_path, BUFSIZE, count)]) + args = [to_bytes(i, errors='surrogate_or_strict') for i in args] + try: + p = subprocess.Popen(args, stdin=in_file, + stdout=subprocess.PIPE, stderr=subprocess.PIPE) + except OSError: + raise AnsibleError("kubectl connection requires dd command in the container to put files") + stdout, stderr = p.communicate() + + if p.returncode != 0: + raise AnsibleError("failed to transfer file %s to %s:\n%s\n%s" % (in_path, out_path, stdout, stderr)) + + def fetch_file(self, in_path, out_path): + """ Fetch a file from container to local. """ + super(Connection, self).fetch_file(in_path, out_path) + display.vvv("FETCH %s TO %s" % (in_path, out_path), host=self._play_context.remote_addr) + + in_path = self._prefix_login_path(in_path) + out_dir = os.path.dirname(out_path) + + # kubectl doesn't have native support for fetching files from + # running containers, so we use kubectl exec to implement this + args = self._build_exec_cmd([self._play_context.executable, "-c", "dd if=%s bs=%s" % (in_path, BUFSIZE)]) + args = [to_bytes(i, errors='surrogate_or_strict') for i in args] + actual_out_path = os.path.join(out_dir, os.path.basename(in_path)) + with open(to_bytes(actual_out_path, errors='surrogate_or_strict'), 'wb') as out_file: + try: + p = subprocess.Popen(args, stdin=subprocess.PIPE, + stdout=out_file, stderr=subprocess.PIPE) + except OSError: + raise AnsibleError( + "{0} connection requires dd command in the container to fetch files".format(self.transport) + ) + stdout, stderr = p.communicate() + + if p.returncode != 0: + raise AnsibleError("failed to fetch file %s to %s:\n%s\n%s" % (in_path, out_path, stdout, stderr)) + + if actual_out_path != out_path: + os.rename(to_bytes(actual_out_path, errors='strict'), to_bytes(out_path, errors='strict')) + + def close(self): + """ Terminate the connection. Nothing to do for kubectl""" + super(Connection, self).close() + self._connected = False diff --git a/plugins/doc_fragments/__init__.py b/plugins/doc_fragments/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/doc_fragments/k8s_auth_options.py b/plugins/doc_fragments/k8s_auth_options.py new file mode 100644 index 00000000..9decda11 --- /dev/null +++ b/plugins/doc_fragments/k8s_auth_options.py @@ -0,0 +1,86 @@ +# -*- coding: utf-8 -*- + +# Copyright: (c) 2018, Red Hat | Ansible +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Options for authenticating with the API. + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +class ModuleDocFragment(object): + + DOCUMENTATION = r''' +options: + host: + description: + - Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable. + type: str + api_key: + description: + - Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable. + type: str + kubeconfig: + description: + - Path to an existing Kubernetes config file. If not provided, and no other connection + options are provided, the openshift client will attempt to load the default + configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG environment + variable. + type: path + context: + description: + - The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable. + type: str + username: + description: + - Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment + variable. + - Please note that this only works with clusters configured to use HTTP Basic Auth. If your cluster has a + different form of authentication (e.g. OAuth2 in OpenShift), this option will not work as expected and you + should look into the C(k8s_auth) module, as that might do what you need. + type: str + password: + description: + - Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment + variable. + - Please read the description of the C(username) option for a discussion of when this option is applicable. + type: str + client_cert: + description: + - Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment + variable. + type: path + aliases: [ cert_file ] + client_key: + description: + - Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE environment + variable. + type: path + aliases: [ key_file ] + ca_cert: + description: + - Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to + avoid certificate validation errors. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable. + type: path + aliases: [ ssl_ca_cert ] + validate_certs: + description: + - Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL + environment variable. + type: bool + aliases: [ verify_ssl ] + proxy: + description: + - The URL of an HTTP proxy to use for the connection. Can also be specified via K8S_AUTH_PROXY environment variable. + - Please note that this module does not pick up typical proxy settings from the environment (e.g. HTTP_PROXY). + version_added: "2.9" + type: str +notes: + - "The OpenShift Python client wraps the K8s Python client, providing full access to + all of the APIS and models available on both platforms. For API version details and + additional information visit https://github.com/openshift/openshift-restclient-python" + - "To avoid SSL certificate validation errors when C(validate_certs) is I(True), the full + certificate chain for the API server must be provided via C(ca_cert) or in the + kubeconfig file." +''' diff --git a/plugins/doc_fragments/k8s_name_options.py b/plugins/doc_fragments/k8s_name_options.py new file mode 100644 index 00000000..088a5637 --- /dev/null +++ b/plugins/doc_fragments/k8s_name_options.py @@ -0,0 +1,48 @@ +# -*- coding: utf-8 -*- + +# Copyright: (c) 2018, Red Hat | Ansible +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Options for selecting or identifying a specific K8s object + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +class ModuleDocFragment(object): + + DOCUMENTATION = r''' +options: + api_version: + description: + - Use to specify the API version. Use to create, delete, or discover an object without providing a full + resource definition. Use in conjunction with I(kind), I(name), and I(namespace) to identify a + specific object. If I(resource definition) is provided, the I(apiVersion) from the I(resource_definition) + will override this option. + type: str + default: v1 + aliases: + - api + - version + kind: + description: + - Use to specify an object model. Use to create, delete, or discover an object without providing a full + resource definition. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a + specific object. If I(resource definition) is provided, the I(kind) from the I(resource_definition) + will override this option. + type: str + name: + description: + - Use to specify an object name. Use to create, delete, or discover an object without providing a full + resource definition. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a + specific object. If I(resource definition) is provided, the I(metadata.name) value from the + I(resource_definition) will override this option. + type: str + namespace: + description: + - Use to specify an object namespace. Useful when creating, deleting, or discovering an object without + providing a full resource definition. Use in conjunction with I(api_version), I(kind), and I(name) + to identify a specfic object. If I(resource definition) is provided, the I(metadata.namespace) value + from the I(resource_definition) will override this option. + type: str +''' diff --git a/plugins/doc_fragments/k8s_resource_options.py b/plugins/doc_fragments/k8s_resource_options.py new file mode 100644 index 00000000..0742eed4 --- /dev/null +++ b/plugins/doc_fragments/k8s_resource_options.py @@ -0,0 +1,32 @@ +# -*- coding: utf-8 -*- + +# Copyright: (c) 2018, Red Hat | Ansible +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Options for providing an object configuration + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +class ModuleDocFragment(object): + + DOCUMENTATION = r''' +options: + resource_definition: + description: + - "Provide a valid YAML definition (either as a string, list, or dict) for an object when creating or updating. NOTE: I(kind), I(api_version), I(name), + and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition)." + aliases: + - definition + - inline + src: + description: + - "Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually + exclusive with I(resource_definition). NOTE: I(kind), I(api_version), I(name), and I(namespace) will be + overwritten by corresponding values found in the configuration read in from the I(src) file." + - Reads from the local file system. To read from the Ansible controller's file system, including vaulted files, use the file lookup + plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to + I(resource_definition). See Examples below. + type: path +''' diff --git a/plugins/doc_fragments/k8s_scale_options.py b/plugins/doc_fragments/k8s_scale_options.py new file mode 100644 index 00000000..0c01439a --- /dev/null +++ b/plugins/doc_fragments/k8s_scale_options.py @@ -0,0 +1,43 @@ +# -*- coding: utf-8 -*- + +# Copyright: (c) 2018, Red Hat | Ansible +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Options used by scale modules. + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +class ModuleDocFragment(object): + + DOCUMENTATION = r''' +options: + replicas: + description: + - The desired number of replicas. + type: int + required: True + current_replicas: + description: + - For Deployment, ReplicaSet, Replication Controller, only scale, if the number of existing replicas + matches. In the case of a Job, update parallelism only if the current parallelism value matches. + type: int + resource_version: + description: + - Only attempt to scale, if the current object version matches. + type: str + wait: + description: + - For Deployment, ReplicaSet, Replication Controller, wait for the status value of I(ready_replicas) to change + to the number of I(replicas). In the case of a Job, this option is ignored. + type: bool + default: yes + wait_timeout: + description: + - When C(wait) is I(True), the number of seconds to wait for the I(ready_replicas) status to equal I(replicas). + If the status is not reached within the allotted time, an error will result. In the case of a Job, this option + is ignored. + type: int + default: 20 +''' diff --git a/plugins/doc_fragments/k8s_state_options.py b/plugins/doc_fragments/k8s_state_options.py new file mode 100644 index 00000000..8f741ba8 --- /dev/null +++ b/plugins/doc_fragments/k8s_state_options.py @@ -0,0 +1,30 @@ +# -*- coding: utf-8 -*- + +# Copyright: (c) 2018, Red Hat | Ansible +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Options for specifying object state + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +class ModuleDocFragment(object): + + DOCUMENTATION = r''' +options: + state: + description: + - Determines if an object should be created, patched, or deleted. When set to C(present), an object will be + created, if it does not already exist. If set to C(absent), an existing object will be deleted. If set to + C(present), an existing object will be patched, if its attributes differ from those specified using + I(resource_definition) or I(src). + type: str + default: present + choices: [ absent, present ] + force: + description: + - If set to C(yes), and I(state) is C(present), an existing object will be replaced. + type: bool + default: no +''' diff --git a/plugins/filter/k8s.py b/plugins/filter/k8s.py new file mode 100644 index 00000000..f6cb0579 --- /dev/null +++ b/plugins/filter/k8s.py @@ -0,0 +1,40 @@ +# Copyright (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +ANSIBLE_METADATA = { + 'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community' +} + + +try: + from openshift.helper.hashes import generate_hash + HAS_GENERATE_HASH = True +except ImportError: + HAS_GENERATE_HASH = False + +from ansible.errors import AnsibleFilterError + + +def k8s_config_resource_name(resource): + if not HAS_GENERATE_HASH: + raise AnsibleFilterError("k8s_config_resource_name requires openshift>=0.7.2") + try: + return resource['metadata']['name'] + '-' + generate_hash(resource) + except KeyError: + raise AnsibleFilterError("resource must have a metadata.name key to generate a resource name") + + +# ---- Ansible filters ---- +class FilterModule(object): + + def filters(self): + return { + 'k8s_config_resource_name': k8s_config_resource_name + } diff --git a/plugins/inventory/k8s.py b/plugins/inventory/k8s.py new file mode 100644 index 00000000..4db69c52 --- /dev/null +++ b/plugins/inventory/k8s.py @@ -0,0 +1,360 @@ +# Copyright (c) 2018 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = ''' + name: k8s + plugin_type: inventory + author: + - Chris Houseknecht <@chouseknecht> + - Fabian von Feilitzsch <@fabianvf> + + short_description: Kubernetes (K8s) inventory source + + description: + - Fetch containers and services for one or more clusters + - Groups by cluster name, namespace, namespace_services, namespace_pods, and labels + - Uses k8s.(yml|yaml) YAML configuration file to set parameter values. + + options: + plugin: + description: token that ensures this is a source file for the 'k8s' plugin. + required: True + choices: ['k8s'] + connections: + description: + - Optional list of cluster connection settings. If no connections are provided, the default + I(~/.kube/config) and active context will be used, and objects will be returned for all namespaces + the active user is authorized to access. + name: + description: + - Optional name to assign to the cluster. If not provided, a name is constructed from the server + and port. + kubeconfig: + description: + - Path to an existing Kubernetes config file. If not provided, and no other connection + options are provided, the OpenShift client will attempt to load the default + configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG + environment variable. + context: + description: + - The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment + variable. + host: + description: + - Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable. + api_key: + description: + - Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment + variable. + username: + description: + - Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME + environment variable. + password: + description: + - Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD + environment variable. + client_cert: + description: + - Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE + environment variable. + aliases: [ cert_file ] + client_key: + description: + - Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE + environment variable. + aliases: [ key_file ] + ca_cert: + description: + - Path to a CA certificate used to authenticate with the API. Can also be specified via + K8S_AUTH_SSL_CA_CERT environment variable. + aliases: [ ssl_ca_cert ] + validate_certs: + description: + - "Whether or not to verify the API server's SSL certificates. Can also be specified via + K8S_AUTH_VERIFY_SSL environment variable." + type: bool + aliases: [ verify_ssl ] + namespaces: + description: + - List of namespaces. If not specified, will fetch all containers for all namespaces user is authorized + to access. + + requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +# File must be named k8s.yaml or k8s.yml + +# Authenticate with token, and return all pods and services for all namespaces +plugin: k8s +connections: + - host: https://192.168.64.4:8443 + token: xxxxxxxxxxxxxxxx + validate_certs: false + +# Use default config (~/.kube/config) file and active context, and return objects for a specific namespace +plugin: k8s +connections: + - namespaces: + - testing + +# Use a custom config file, and a specific context. +plugin: k8s +connections: + - kubeconfig: /path/to/config + context: 'awx/192-168-64-4:8443/developer' +''' + +import json + +from ansible.errors import AnsibleError +from ansible_collections.community.kubernetes.plugins.module_utils.common import K8sAnsibleMixin, HAS_K8S_MODULE_HELPER, k8s_import_exception +from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable + +try: + from openshift.dynamic.exceptions import DynamicApiError +except ImportError: + pass + + +def format_dynamic_api_exc(exc): + if exc.body: + if exc.headers and exc.headers.get('Content-Type') == 'application/json': + message = json.loads(exc.body).get('message') + if message: + return message + return exc.body + else: + return '%s Reason: %s' % (exc.status, exc.reason) + + +class K8sInventoryException(Exception): + pass + + +class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable, K8sAnsibleMixin): + NAME = 'k8s' + + transport = 'kubectl' + + def parse(self, inventory, loader, path, cache=True): + super(InventoryModule, self).parse(inventory, loader, path) + cache_key = self._get_cache_prefix(path) + config_data = self._read_config_data(path) + self.setup(config_data, cache, cache_key) + + def setup(self, config_data, cache, cache_key): + connections = config_data.get('connections') + + if not HAS_K8S_MODULE_HELPER: + raise K8sInventoryException( + "This module requires the OpenShift Python client. Try `pip install openshift`. Detail: {0}".format(k8s_import_exception) + ) + + source_data = None + if cache and cache_key in self._cache: + try: + source_data = self._cache[cache_key] + except KeyError: + pass + + if not source_data: + self.fetch_objects(connections) + + def fetch_objects(self, connections): + + if connections: + if not isinstance(connections, list): + raise K8sInventoryException("Expecting connections to be a list.") + + for connection in connections: + if not isinstance(connection, dict): + raise K8sInventoryException("Expecting connection to be a dictionary.") + client = self.get_api_client(**connection) + name = connection.get('name', self.get_default_host_name(client.configuration.host)) + if connection.get('namespaces'): + namespaces = connection['namespaces'] + else: + namespaces = self.get_available_namespaces(client) + for namespace in namespaces: + self.get_pods_for_namespace(client, name, namespace) + self.get_services_for_namespace(client, name, namespace) + else: + client = self.get_api_client() + name = self.get_default_host_name(client.configuration.host) + namespaces = self.get_available_namespaces(client) + for namespace in namespaces: + self.get_pods_for_namespace(client, name, namespace) + self.get_services_for_namespace(client, name, namespace) + + @staticmethod + def get_default_host_name(host): + return host.replace('https://', '').replace('http://', '').replace('.', '-').replace(':', '_') + + def get_available_namespaces(self, client): + v1_namespace = client.resources.get(api_version='v1', kind='Namespace') + try: + obj = v1_namespace.get() + except DynamicApiError as exc: + self.display.debug(exc) + raise K8sInventoryException('Error fetching Namespace list: %s' % format_dynamic_api_exc(exc)) + return [namespace.metadata.name for namespace in obj.items] + + def get_pods_for_namespace(self, client, name, namespace): + v1_pod = client.resources.get(api_version='v1', kind='Pod') + try: + obj = v1_pod.get(namespace=namespace) + except DynamicApiError as exc: + self.display.debug(exc) + raise K8sInventoryException('Error fetching Pod list: %s' % format_dynamic_api_exc(exc)) + + namespace_group = 'namespace_{0}'.format(namespace) + namespace_pods_group = '{0}_pods'.format(namespace_group) + + self.inventory.add_group(name) + self.inventory.add_group(namespace_group) + self.inventory.add_child(name, namespace_group) + self.inventory.add_group(namespace_pods_group) + self.inventory.add_child(namespace_group, namespace_pods_group) + + for pod in obj.items: + pod_name = pod.metadata.name + pod_groups = [] + pod_annotations = {} if not pod.metadata.annotations else dict(pod.metadata.annotations) + + if pod.metadata.labels: + # create a group for each label_value + for key, value in pod.metadata.labels: + group_name = 'label_{0}_{1}'.format(key, value) + if group_name not in pod_groups: + pod_groups.append(group_name) + self.inventory.add_group(group_name) + pod_labels = dict(pod.metadata.labels) + else: + pod_labels = {} + + if not pod.status.containerStatuses: + continue + + for container in pod.status.containerStatuses: + # add each pod_container to the namespace group, and to each label_value group + container_name = '{0}_{1}'.format(pod.metadata.name, container.name) + self.inventory.add_host(container_name) + self.inventory.add_child(namespace_pods_group, container_name) + if pod_groups: + for group in pod_groups: + self.inventory.add_child(group, container_name) + + # Add hostvars + self.inventory.set_variable(container_name, 'object_type', 'pod') + self.inventory.set_variable(container_name, 'labels', pod_labels) + self.inventory.set_variable(container_name, 'annotations', pod_annotations) + self.inventory.set_variable(container_name, 'cluster_name', pod.metadata.clusterName) + self.inventory.set_variable(container_name, 'pod_node_name', pod.spec.nodeName) + self.inventory.set_variable(container_name, 'pod_name', pod.spec.name) + self.inventory.set_variable(container_name, 'pod_host_ip', pod.status.hostIP) + self.inventory.set_variable(container_name, 'pod_phase', pod.status.phase) + self.inventory.set_variable(container_name, 'pod_ip', pod.status.podIP) + self.inventory.set_variable(container_name, 'pod_self_link', pod.metadata.selfLink) + self.inventory.set_variable(container_name, 'pod_resource_version', pod.metadata.resourceVersion) + self.inventory.set_variable(container_name, 'pod_uid', pod.metadata.uid) + self.inventory.set_variable(container_name, 'container_name', container.image) + self.inventory.set_variable(container_name, 'container_image', container.image) + if container.state.running: + self.inventory.set_variable(container_name, 'container_state', 'Running') + if container.state.terminated: + self.inventory.set_variable(container_name, 'container_state', 'Terminated') + if container.state.waiting: + self.inventory.set_variable(container_name, 'container_state', 'Waiting') + self.inventory.set_variable(container_name, 'container_ready', container.ready) + self.inventory.set_variable(container_name, 'ansible_remote_tmp', '/tmp/') + self.inventory.set_variable(container_name, 'ansible_connection', self.transport) + self.inventory.set_variable(container_name, 'ansible_{0}_pod'.format(self.transport), + pod_name) + self.inventory.set_variable(container_name, 'ansible_{0}_container'.format(self.transport), + container.name) + self.inventory.set_variable(container_name, 'ansible_{0}_namespace'.format(self.transport), + namespace) + + def get_services_for_namespace(self, client, name, namespace): + v1_service = client.resources.get(api_version='v1', kind='Service') + try: + obj = v1_service.get(namespace=namespace) + except DynamicApiError as exc: + self.display.debug(exc) + raise K8sInventoryException('Error fetching Service list: %s' % format_dynamic_api_exc(exc)) + + namespace_group = 'namespace_{0}'.format(namespace) + namespace_services_group = '{0}_services'.format(namespace_group) + + self.inventory.add_group(name) + self.inventory.add_group(namespace_group) + self.inventory.add_child(name, namespace_group) + self.inventory.add_group(namespace_services_group) + self.inventory.add_child(namespace_group, namespace_services_group) + + for service in obj.items: + service_name = service.metadata.name + service_labels = {} if not service.metadata.labels else dict(service.metadata.labels) + service_annotations = {} if not service.metadata.annotations else dict(service.metadata.annotations) + + self.inventory.add_host(service_name) + + if service.metadata.labels: + # create a group for each label_value + for key, value in service.metadata.labels: + group_name = 'label_{0}_{1}'.format(key, value) + self.inventory.add_group(group_name) + self.inventory.add_child(group_name, service_name) + + try: + self.inventory.add_child(namespace_services_group, service_name) + except AnsibleError as e: + raise + + ports = [{'name': port.name, + 'port': port.port, + 'protocol': port.protocol, + 'targetPort': port.targetPort, + 'nodePort': port.nodePort} for port in service.spec.ports or []] + + # add hostvars + self.inventory.set_variable(service_name, 'object_type', 'service') + self.inventory.set_variable(service_name, 'labels', service_labels) + self.inventory.set_variable(service_name, 'annotations', service_annotations) + self.inventory.set_variable(service_name, 'cluster_name', service.metadata.clusterName) + self.inventory.set_variable(service_name, 'ports', ports) + self.inventory.set_variable(service_name, 'type', service.spec.type) + self.inventory.set_variable(service_name, 'self_link', service.metadata.selfLink) + self.inventory.set_variable(service_name, 'resource_version', service.metadata.resourceVersion) + self.inventory.set_variable(service_name, 'uid', service.metadata.uid) + + if service.spec.externalTrafficPolicy: + self.inventory.set_variable(service_name, 'external_traffic_policy', + service.spec.externalTrafficPolicy) + if service.spec.externalIPs: + self.inventory.set_variable(service_name, 'external_ips', service.spec.externalIPs) + + if service.spec.externalName: + self.inventory.set_variable(service_name, 'external_name', service.spec.externalName) + + if service.spec.healthCheckNodePort: + self.inventory.set_variable(service_name, 'health_check_node_port', + service.spec.healthCheckNodePort) + if service.spec.loadBalancerIP: + self.inventory.set_variable(service_name, 'load_balancer_ip', + service.spec.loadBalancerIP) + if service.spec.selector: + self.inventory.set_variable(service_name, 'selector', dict(service.spec.selector)) + + if hasattr(service.status.loadBalancer, 'ingress') and service.status.loadBalancer.ingress: + load_balancer = [{'hostname': ingress.hostname, + 'ip': ingress.ip} for ingress in service.status.loadBalancer.ingress] + self.inventory.set_variable(service_name, 'load_balancer', load_balancer) diff --git a/plugins/inventory/openshift.py b/plugins/inventory/openshift.py new file mode 100644 index 00000000..db3392cd --- /dev/null +++ b/plugins/inventory/openshift.py @@ -0,0 +1,201 @@ +# Copyright (c) 2018 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) + +__metaclass__ = type + +DOCUMENTATION = ''' + name: openshift + plugin_type: inventory + author: + - Chris Houseknecht <@chouseknecht> + + short_description: OpenShift inventory source + + description: + - Fetch containers, services and routes for one or more clusters + - Groups by cluster name, namespace, namespace_services, namespace_pods, namespace_routes, and labels + - Uses openshift.(yml|yaml) YAML configuration file to set parameter values. + + options: + plugin: + description: token that ensures this is a source file for the 'openshift' plugin. + required: True + choices: ['openshift'] + connections: + description: + - Optional list of cluster connection settings. If no connections are provided, the default + I(~/.kube/config) and active context will be used, and objects will be returned for all namespaces + the active user is authorized to access. + name: + description: + - Optional name to assign to the cluster. If not provided, a name is constructed from the server + and port. + kubeconfig: + description: + - Path to an existing Kubernetes config file. If not provided, and no other connection + options are provided, the OpenShift client will attempt to load the default + configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG + environment variable. + context: + description: + - The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment + variable. + host: + description: + - Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable. + api_key: + description: + - Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment + variable. + username: + description: + - Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME + environment variable. + password: + description: + - Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD + environment variable. + client_cert: + description: + - Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE + environment variable. + aliases: [ cert_file ] + client_key: + description: + - Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE + environment variable. + aliases: [ key_file ] + ca_cert: + description: + - Path to a CA certificate used to authenticate with the API. Can also be specified via + K8S_AUTH_SSL_CA_CERT environment variable. + aliases: [ ssl_ca_cert ] + validate_certs: + description: + - "Whether or not to verify the API server's SSL certificates. Can also be specified via + K8S_AUTH_VERIFY_SSL environment variable." + type: bool + aliases: [ verify_ssl ] + namespaces: + description: + - List of namespaces. If not specified, will fetch all containers for all namespaces user is authorized + to access. + + requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +# File must be named openshift.yaml or openshift.yml + +# Authenticate with token, and return all pods and services for all namespaces +plugin: openshift +connections: + - host: https://192.168.64.4:8443 + api_key: xxxxxxxxxxxxxxxx + verify_ssl: false + +# Use default config (~/.kube/config) file and active context, and return objects for a specific namespace +plugin: openshift +connections: + - namespaces: + - testing + +# Use a custom config file, and a specific context. +plugin: openshift +connections: + - kubeconfig: /path/to/config + context: 'awx/192-168-64-4:8443/developer' +''' + +from ansible.plugins.inventory.k8s import K8sInventoryException, InventoryModule as K8sInventoryModule, format_dynamic_api_exc + +try: + from openshift.dynamic.exceptions import DynamicApiError +except ImportError: + pass + + +class InventoryModule(K8sInventoryModule): + NAME = 'openshift' + + transport = 'oc' + + def fetch_objects(self, connections): + super(InventoryModule, self).fetch_objects(connections) + + if connections: + if not isinstance(connections, list): + raise K8sInventoryException("Expecting connections to be a list.") + + for connection in connections: + client = self.get_api_client(**connection) + name = connection.get('name', self.get_default_host_name(client.configuration.host)) + if connection.get('namespaces'): + namespaces = connection['namespaces'] + else: + namespaces = self.get_available_namespaces(client) + for namespace in namespaces: + self.get_routes_for_namespace(client, name, namespace) + else: + client = self.get_api_client() + name = self.get_default_host_name(client.configuration.host) + namespaces = self.get_available_namespaces(client) + for namespace in namespaces: + self.get_routes_for_namespace(client, name, namespace) + + def get_routes_for_namespace(self, client, name, namespace): + v1_route = client.resources.get(api_version='v1', kind='Route') + try: + obj = v1_route.get(namespace=namespace) + except DynamicApiError as exc: + self.display.debug(exc) + raise K8sInventoryException('Error fetching Routes list: %s' % format_dynamic_api_exc(exc)) + + namespace_group = 'namespace_{0}'.format(namespace) + namespace_routes_group = '{0}_routes'.format(namespace_group) + + self.inventory.add_group(name) + self.inventory.add_group(namespace_group) + self.inventory.add_child(name, namespace_group) + self.inventory.add_group(namespace_routes_group) + self.inventory.add_child(namespace_group, namespace_routes_group) + for route in obj.items: + route_name = route.metadata.name + route_annotations = {} if not route.metadata.annotations else dict(route.metadata.annotations) + + self.inventory.add_host(route_name) + + if route.metadata.labels: + # create a group for each label_value + for key, value in route.metadata.labels: + group_name = 'label_{0}_{1}'.format(key, value) + self.inventory.add_group(group_name) + self.inventory.add_child(group_name, route_name) + route_labels = dict(route.metadata.labels) + else: + route_labels = {} + + self.inventory.add_child(namespace_routes_group, route_name) + + # add hostvars + self.inventory.set_variable(route_name, 'labels', route_labels) + self.inventory.set_variable(route_name, 'annotations', route_annotations) + self.inventory.set_variable(route_name, 'cluster_name', route.metadata.clusterName) + self.inventory.set_variable(route_name, 'object_type', 'route') + self.inventory.set_variable(route_name, 'self_link', route.metadata.selfLink) + self.inventory.set_variable(route_name, 'resource_version', route.metadata.resourceVersion) + self.inventory.set_variable(route_name, 'uid', route.metadata.uid) + + if route.spec.host: + self.inventory.set_variable(route_name, 'host', route.spec.host) + + if route.spec.path: + self.inventory.set_variable(route_name, 'path', route.spec.path) + + if hasattr(route.spec.port, 'targetPort') and route.spec.port.targetPort: + self.inventory.set_variable(route_name, 'port', dict(route.spec.port)) diff --git a/plugins/lookup/k8s.py b/plugins/lookup/k8s.py new file mode 100644 index 00000000..be7bf91d --- /dev/null +++ b/plugins/lookup/k8s.py @@ -0,0 +1,299 @@ +# +# Copyright 2018 Red Hat | Ansible +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +from __future__ import (absolute_import, division, print_function) + +__metaclass__ = type + +DOCUMENTATION = """ + lookup: k8s + + version_added: "2.5" + + short_description: Query the K8s API + + description: + - Uses the OpenShift Python client to fetch a specific object by name, all matching objects within a + namespace, or all matching objects for all namespaces, as well as information about the cluster. + - Provides access the full range of K8s APIs. + - Enables authentication via config file, certificates, password or token. + + options: + cluster_info: + description: + - Use to specify the type of cluster information you are attempting to retrieve. Will take priority + over all the other options. + api_version: + description: + - Use to specify the API version. If I(resource definition) is provided, the I(apiVersion) from the + I(resource_definition) will override this option. + default: v1 + kind: + description: + - Use to specify an object model. If I(resource definition) is provided, the I(kind) from a + I(resource_definition) will override this option. + required: true + resource_name: + description: + - Fetch a specific object by name. If I(resource definition) is provided, the I(metadata.name) value + from the I(resource_definition) will override this option. + namespace: + description: + - Limit the objects returned to a specific namespace. If I(resource definition) is provided, the + I(metadata.namespace) value from the I(resource_definition) will override this option. + label_selector: + description: + - Additional labels to include in the query. Ignored when I(resource_name) is provided. + field_selector: + description: + - Specific fields on which to query. Ignored when I(resource_name) is provided. + resource_definition: + description: + - "Provide a YAML configuration for an object. NOTE: I(kind), I(api_version), I(resource_name), + and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition)." + src: + description: + - "Provide a path to a file containing a valid YAML definition of an object dated. Mutually + exclusive with I(resource_definition). NOTE: I(kind), I(api_version), I(resource_name), and I(namespace) + will be overwritten by corresponding values found in the configuration read in from the I(src) file." + - Reads from the local file system. To read from the Ansible controller's file system, use the file lookup + plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to + I(resource_definition). See Examples below. + host: + description: + - Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable. + api_key: + description: + - Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable. + kubeconfig: + description: + - Path to an existing Kubernetes config file. If not provided, and no other connection + options are provided, the openshift client will attempt to load the default + configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG environment + variable. + context: + description: + - The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment + variable. + username: + description: + - Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment + variable. + password: + description: + - Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment + variable. + client_cert: + description: + - Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE + environment + variable. + aliases: [ cert_file ] + client_key: + description: + - Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE environment + variable. + aliases: [ key_file ] + ca_cert: + description: + - Path to a CA certificate used to authenticate with the API. Can also be specified via K8S_AUTH_SSL_CA_CERT + environment variable. + aliases: [ ssl_ca_cert ] + validate_certs: + description: + - Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL + environment variable. + type: bool + aliases: [ verify_ssl ] + + requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" + + notes: + - "The OpenShift Python client wraps the K8s Python client, providing full access to + all of the APIS and models available on both platforms. For API version details and + additional information visit https://github.com/openshift/openshift-restclient-python" +""" + +EXAMPLES = """ +- name: Fetch a list of namespaces + set_fact: + projects: "{{ lookup('k8s', api_version='v1', kind='Namespace') }}" + +- name: Fetch all deployments + set_fact: + deployments: "{{ lookup('k8s', kind='Deployment') }}" + +- name: Fetch all deployments in a namespace + set_fact: + deployments: "{{ lookup('k8s', kind='Deployment', namespace='testing') }}" + +- name: Fetch a specific deployment by name + set_fact: + deployments: "{{ lookup('k8s', kind='Deployment', namespace='testing', resource_name='elastic') }}" + +- name: Fetch with label selector + set_fact: + service: "{{ lookup('k8s', kind='Service', label_selector='app=galaxy') }}" + +# Use parameters from a YAML config + +- name: Load config from the Ansible controller filesystem + set_fact: + config: "{{ lookup('file', 'service.yml') | from_yaml }}" + +- name: Using the config (loaded from a file in prior task), fetch the latest version of the object + set_fact: + service: "{{ lookup('k8s', resource_definition=config) }}" + +- name: Use a config from the local filesystem + set_fact: + service: "{{ lookup('k8s', src='service.yml') }}" +""" + +RETURN = """ + _list: + description: + - One ore more object definitions returned from the API. + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex +""" + +from ansible.plugins.lookup import LookupBase + +from ansible_collections.community.kubernetes.plugins.module_utils.common import K8sAnsibleMixin + +from ansible.errors import AnsibleError + + +try: + from openshift.dynamic import DynamicClient + from openshift.dynamic.exceptions import NotFoundError + HAS_K8S_MODULE_HELPER = True + k8s_import_exception = None +except ImportError as e: + HAS_K8S_MODULE_HELPER = False + k8s_import_exception = e + +try: + import yaml + HAS_YAML = True +except ImportError: + HAS_YAML = False + + +class KubernetesLookup(K8sAnsibleMixin): + + def __init__(self): + + if not HAS_K8S_MODULE_HELPER: + raise Exception( + "Requires the OpenShift Python client. Try `pip install openshift`. Detail: {0}".format(k8s_import_exception) + ) + + if not HAS_YAML: + raise Exception( + "Requires PyYAML. Try `pip install PyYAML`" + ) + + self.kind = None + self.name = None + self.namespace = None + self.api_version = None + self.label_selector = None + self.field_selector = None + self.include_uninitialized = None + self.resource_definition = None + self.helper = None + self.connection = {} + + def fail(self, msg=None): + raise AnsibleError(msg) + + def run(self, terms, variables=None, **kwargs): + self.params = kwargs + self.client = self.get_api_client() + + cluster_info = kwargs.get('cluster_info') + if cluster_info == 'version': + return [self.client.version] + if cluster_info == 'api_groups': + return [self.client.resources.api_groups] + + self.kind = kwargs.get('kind') + self.name = kwargs.get('resource_name') + self.namespace = kwargs.get('namespace') + self.api_version = kwargs.get('api_version', 'v1') + self.label_selector = kwargs.get('label_selector') + self.field_selector = kwargs.get('field_selector') + self.include_uninitialized = kwargs.get('include_uninitialized', False) + + resource_definition = kwargs.get('resource_definition') + src = kwargs.get('src') + if src: + resource_definition = self.load_resource_definitions(src)[0] + if resource_definition: + self.kind = resource_definition.get('kind', self.kind) + self.api_version = resource_definition.get('apiVersion', self.api_version) + self.name = resource_definition.get('metadata', {}).get('name', self.name) + self.namespace = resource_definition.get('metadata', {}).get('namespace', self.namespace) + + if not self.kind: + raise AnsibleError( + "Error: no Kind specified. Use the 'kind' parameter, or provide an object YAML configuration " + "using the 'resource_definition' parameter." + ) + + resource = self.find_resource(self.kind, self.api_version, fail=True) + try: + k8s_obj = resource.get(name=self.name, namespace=self.namespace, label_selector=self.label_selector, field_selector=self.field_selector) + except NotFoundError: + return [] + + if self.name: + return [k8s_obj.to_dict()] + + return k8s_obj.to_dict().get('items') + + +class LookupModule(LookupBase): + + def run(self, terms, variables=None, **kwargs): + return KubernetesLookup().run(terms, variables=variables, **kwargs) diff --git a/plugins/module_utils/__init__.py b/plugins/module_utils/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/module_utils/common.py b/plugins/module_utils/common.py new file mode 100644 index 00000000..6de6f478 --- /dev/null +++ b/plugins/module_utils/common.py @@ -0,0 +1,289 @@ +# Copyright 2018 Red Hat | Ansible +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +import copy +import json +import os +import traceback + + +from ansible.module_utils.basic import AnsibleModule, missing_required_lib +from ansible.module_utils.common.dict_transformations import recursive_diff +from ansible.module_utils.six import iteritems, string_types +from ansible.module_utils._text import to_native + +K8S_IMP_ERR = None +try: + import kubernetes + import openshift + from openshift.dynamic import DynamicClient + from openshift.dynamic.exceptions import ResourceNotFoundError, ResourceNotUniqueError + HAS_K8S_MODULE_HELPER = True + k8s_import_exception = None +except ImportError as e: + HAS_K8S_MODULE_HELPER = False + k8s_import_exception = e + K8S_IMP_ERR = traceback.format_exc() + +YAML_IMP_ERR = None +try: + import yaml + HAS_YAML = True +except ImportError: + YAML_IMP_ERR = traceback.format_exc() + HAS_YAML = False + +try: + import urllib3 + urllib3.disable_warnings() +except ImportError: + pass + + +def list_dict_str(value): + if isinstance(value, list): + return value + elif isinstance(value, dict): + return value + elif isinstance(value, string_types): + return value + raise TypeError + + +ARG_ATTRIBUTES_BLACKLIST = ('property_path',) + +COMMON_ARG_SPEC = { + 'state': { + 'default': 'present', + 'choices': ['present', 'absent'], + }, + 'force': { + 'type': 'bool', + 'default': False, + }, + 'resource_definition': { + 'type': list_dict_str, + 'aliases': ['definition', 'inline'] + }, + 'src': { + 'type': 'path', + }, + 'kind': {}, + 'name': {}, + 'namespace': {}, + 'api_version': { + 'default': 'v1', + 'aliases': ['api', 'version'], + }, +} + +AUTH_ARG_SPEC = { + 'kubeconfig': { + 'type': 'path', + }, + 'context': {}, + 'host': {}, + 'api_key': { + 'no_log': True, + }, + 'username': {}, + 'password': { + 'no_log': True, + }, + 'validate_certs': { + 'type': 'bool', + 'aliases': ['verify_ssl'], + }, + 'ca_cert': { + 'type': 'path', + 'aliases': ['ssl_ca_cert'], + }, + 'client_cert': { + 'type': 'path', + 'aliases': ['cert_file'], + }, + 'client_key': { + 'type': 'path', + 'aliases': ['key_file'], + }, + 'proxy': { + 'type': 'str', + }, +} + +# Map kubernetes-client parameters to ansible parameters +AUTH_ARG_MAP = { + 'kubeconfig': 'kubeconfig', + 'context': 'context', + 'host': 'host', + 'api_key': 'api_key', + 'username': 'username', + 'password': 'password', + 'verify_ssl': 'validate_certs', + 'ssl_ca_cert': 'ca_cert', + 'cert_file': 'client_cert', + 'key_file': 'client_key', + 'proxy': 'proxy', +} + + +class K8sAnsibleMixin(object): + _argspec_cache = None + + @property + def argspec(self): + """ + Introspect the model properties, and return an Ansible module arg_spec dict. + :return: dict + """ + if self._argspec_cache: + return self._argspec_cache + argument_spec = copy.deepcopy(COMMON_ARG_SPEC) + argument_spec.update(copy.deepcopy(AUTH_ARG_SPEC)) + self._argspec_cache = argument_spec + return self._argspec_cache + + def get_api_client(self, **auth_params): + auth_params = auth_params or getattr(self, 'params', {}) + auth = {} + + # If authorization variables aren't defined, look for them in environment variables + for true_name, arg_name in AUTH_ARG_MAP.items(): + if auth_params.get(arg_name) is None: + env_value = os.getenv('K8S_AUTH_{0}'.format(arg_name.upper()), None) or os.getenv('K8S_AUTH_{0}'.format(true_name.upper()), None) + if env_value is not None: + if AUTH_ARG_SPEC[arg_name].get('type') == 'bool': + env_value = env_value.lower() not in ['0', 'false', 'no'] + auth[true_name] = env_value + else: + auth[true_name] = auth_params[arg_name] + + def auth_set(*names): + return all([auth.get(name) for name in names]) + + if auth_set('username', 'password', 'host') or auth_set('api_key', 'host'): + # We have enough in the parameters to authenticate, no need to load incluster or kubeconfig + pass + elif auth_set('kubeconfig') or auth_set('context'): + kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context')) + else: + # First try to do incluster config, then kubeconfig + try: + kubernetes.config.load_incluster_config() + except kubernetes.config.ConfigException: + kubernetes.config.load_kube_config(auth.get('kubeconfig'), auth.get('context')) + + # Override any values in the default configuration with Ansible parameters + configuration = kubernetes.client.Configuration() + for key, value in iteritems(auth): + if key in AUTH_ARG_MAP.keys() and value is not None: + if key == 'api_key': + setattr(configuration, key, {'authorization': "Bearer {0}".format(value)}) + else: + setattr(configuration, key, value) + + kubernetes.client.Configuration.set_default(configuration) + return DynamicClient(kubernetes.client.ApiClient(configuration)) + + def find_resource(self, kind, api_version, fail=False): + for attribute in ['kind', 'name', 'singular_name']: + try: + return self.client.resources.get(**{'api_version': api_version, attribute: kind}) + except (ResourceNotFoundError, ResourceNotUniqueError): + pass + try: + return self.client.resources.get(api_version=api_version, short_names=[kind]) + except (ResourceNotFoundError, ResourceNotUniqueError): + if fail: + self.fail(msg='Failed to find exact match for {0}.{1} by [kind, name, singularName, shortNames]'.format(api_version, kind)) + + def kubernetes_facts(self, kind, api_version, name=None, namespace=None, label_selectors=None, field_selectors=None): + resource = self.find_resource(kind, api_version) + if not resource: + return dict(resources=[]) + try: + result = resource.get(name=name, + namespace=namespace, + label_selector=','.join(label_selectors), + field_selector=','.join(field_selectors)).to_dict() + except openshift.dynamic.exceptions.NotFoundError: + return dict(resources=[]) + + if 'items' in result: + return dict(resources=result['items']) + else: + return dict(resources=[result]) + + def remove_aliases(self): + """ + The helper doesn't know what to do with aliased keys + """ + for k, v in iteritems(self.argspec): + if 'aliases' in v: + for alias in v['aliases']: + if alias in self.params: + self.params.pop(alias) + + def load_resource_definitions(self, src): + """ Load the requested src path """ + result = None + path = os.path.normpath(src) + if not os.path.exists(path): + self.fail(msg="Error accessing {0}. Does the file exist?".format(path)) + try: + with open(path, 'r') as f: + result = list(yaml.safe_load_all(f)) + except (IOError, yaml.YAMLError) as exc: + self.fail(msg="Error loading resource_definition: {0}".format(exc)) + return result + + @staticmethod + def diff_objects(existing, new): + result = dict() + diff = recursive_diff(existing, new) + if diff: + result['before'] = diff[0] + result['after'] = diff[1] + return not diff, result + + +class KubernetesAnsibleModule(AnsibleModule, K8sAnsibleMixin): + resource_definition = None + api_version = None + kind = None + + def __init__(self, *args, **kwargs): + + kwargs['argument_spec'] = self.argspec + AnsibleModule.__init__(self, *args, **kwargs) + + if not HAS_K8S_MODULE_HELPER: + self.fail_json(msg=missing_required_lib('openshift'), exception=K8S_IMP_ERR, + error=to_native(k8s_import_exception)) + self.openshift_version = openshift.__version__ + + if not HAS_YAML: + self.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR) + + def execute_module(self): + raise NotImplementedError() + + def fail(self, msg=None): + self.fail_json(msg=msg) diff --git a/plugins/module_utils/raw.py b/plugins/module_utils/raw.py new file mode 100644 index 00000000..32705282 --- /dev/null +++ b/plugins/module_utils/raw.py @@ -0,0 +1,515 @@ +# +# Copyright 2018 Red Hat | Ansible +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +import copy +from datetime import datetime +from distutils.version import LooseVersion +import time +import sys +import traceback + +from ansible.module_utils.basic import missing_required_lib +from ansible_collections.community.kubernetes.plugins.module_utils.common import AUTH_ARG_SPEC, COMMON_ARG_SPEC +from ansible.module_utils.six import string_types +from ansible_collections.community.kubernetes.plugins.module_utils.common import KubernetesAnsibleModule +from ansible.module_utils.common.dict_transformations import dict_merge + + +try: + import yaml + from openshift.dynamic.exceptions import DynamicApiError, NotFoundError, ConflictError, ForbiddenError, KubernetesValidateMissing +except ImportError: + # Exceptions handled in common + pass + +try: + import kubernetes_validate + HAS_KUBERNETES_VALIDATE = True +except ImportError: + HAS_KUBERNETES_VALIDATE = False + +K8S_CONFIG_HASH_IMP_ERR = None +try: + from openshift.helper.hashes import generate_hash + HAS_K8S_CONFIG_HASH = True +except ImportError: + K8S_CONFIG_HASH_IMP_ERR = traceback.format_exc() + HAS_K8S_CONFIG_HASH = False + +HAS_K8S_APPLY = None +try: + from openshift.dynamic.apply import apply_object + HAS_K8S_APPLY = True +except ImportError: + HAS_K8S_APPLY = False + + +class KubernetesRawModule(KubernetesAnsibleModule): + + @property + def validate_spec(self): + return dict( + fail_on_error=dict(type='bool'), + version=dict(), + strict=dict(type='bool', default=True) + ) + + @property + def condition_spec(self): + return dict( + type=dict(), + status=dict(default=True, choices=[True, False, "Unknown"]), + reason=dict() + ) + + @property + def argspec(self): + argument_spec = copy.deepcopy(COMMON_ARG_SPEC) + argument_spec.update(copy.deepcopy(AUTH_ARG_SPEC)) + argument_spec['merge_type'] = dict(type='list', choices=['json', 'merge', 'strategic-merge']) + argument_spec['wait'] = dict(type='bool', default=False) + argument_spec['wait_sleep'] = dict(type='int', default=5) + argument_spec['wait_timeout'] = dict(type='int', default=120) + argument_spec['wait_condition'] = dict(type='dict', default=None, options=self.condition_spec) + argument_spec['validate'] = dict(type='dict', default=None, options=self.validate_spec) + argument_spec['append_hash'] = dict(type='bool', default=False) + argument_spec['apply'] = dict(type='bool', default=False) + return argument_spec + + def __init__(self, k8s_kind=None, *args, **kwargs): + self.client = None + self.warnings = [] + + mutually_exclusive = [ + ('resource_definition', 'src'), + ('merge_type', 'apply'), + ] + + KubernetesAnsibleModule.__init__(self, *args, + mutually_exclusive=mutually_exclusive, + supports_check_mode=True, + **kwargs) + self.kind = k8s_kind or self.params.get('kind') + self.api_version = self.params.get('api_version') + self.name = self.params.get('name') + self.namespace = self.params.get('namespace') + resource_definition = self.params.get('resource_definition') + validate = self.params.get('validate') + if validate: + if LooseVersion(self.openshift_version) < LooseVersion("0.8.0"): + self.fail_json(msg="openshift >= 0.8.0 is required for validate") + self.append_hash = self.params.get('append_hash') + if self.append_hash: + if not HAS_K8S_CONFIG_HASH: + self.fail_json(msg=missing_required_lib("openshift >= 0.7.2", reason="for append_hash"), + exception=K8S_CONFIG_HASH_IMP_ERR) + if self.params['merge_type']: + if LooseVersion(self.openshift_version) < LooseVersion("0.6.2"): + self.fail_json(msg=missing_required_lib("openshift >= 0.6.2", reason="for merge_type")) + self.apply = self.params.get('apply', False) + if self.apply: + if not HAS_K8S_APPLY: + self.fail_json(msg=missing_required_lib("openshift >= 0.9.2", reason="for apply")) + + if resource_definition: + if isinstance(resource_definition, string_types): + try: + self.resource_definitions = yaml.safe_load_all(resource_definition) + except (IOError, yaml.YAMLError) as exc: + self.fail(msg="Error loading resource_definition: {0}".format(exc)) + elif isinstance(resource_definition, list): + self.resource_definitions = resource_definition + else: + self.resource_definitions = [resource_definition] + src = self.params.get('src') + if src: + self.resource_definitions = self.load_resource_definitions(src) + try: + self.resource_definitions = [item for item in self.resource_definitions if item] + except AttributeError: + pass + + if not resource_definition and not src: + implicit_definition = dict( + kind=self.kind, + apiVersion=self.api_version, + metadata=dict(name=self.name) + ) + if self.namespace: + implicit_definition['metadata']['namespace'] = self.namespace + self.resource_definitions = [implicit_definition] + + def flatten_list_kind(self, list_resource, definitions): + flattened = [] + parent_api_version = list_resource.group_version if list_resource else None + parent_kind = list_resource.kind[:-4] if list_resource else None + for definition in definitions.get('items', []): + resource = self.find_resource(definition.get('kind', parent_kind), definition.get('apiVersion', parent_api_version), fail=True) + flattened.append((resource, self.set_defaults(resource, definition))) + return flattened + + def execute_module(self): + changed = False + results = [] + self.client = self.get_api_client() + + flattened_definitions = [] + for definition in self.resource_definitions: + kind = definition.get('kind', self.kind) + api_version = definition.get('apiVersion', self.api_version) + if kind.endswith('List'): + resource = self.find_resource(kind, api_version, fail=False) + flattened_definitions.extend(self.flatten_list_kind(resource, definition)) + else: + resource = self.find_resource(kind, api_version, fail=True) + flattened_definitions.append((resource, definition)) + + for (resource, definition) in flattened_definitions: + kind = definition.get('kind', self.kind) + api_version = definition.get('apiVersion', self.api_version) + definition = self.set_defaults(resource, definition) + self.warnings = [] + if self.params['validate'] is not None: + self.warnings = self.validate(definition) + result = self.perform_action(resource, definition) + result['warnings'] = self.warnings + changed = changed or result['changed'] + results.append(result) + + if len(results) == 1: + self.exit_json(**results[0]) + + self.exit_json(**{ + 'changed': changed, + 'result': { + 'results': results + } + }) + + def validate(self, resource): + def _prepend_resource_info(resource, msg): + return "%s %s: %s" % (resource['kind'], resource['metadata']['name'], msg) + + try: + warnings, errors = self.client.validate(resource, self.params['validate'].get('version'), self.params['validate'].get('strict')) + except KubernetesValidateMissing: + self.fail_json(msg="kubernetes-validate python library is required to validate resources") + + if errors and self.params['validate']['fail_on_error']: + self.fail_json(msg="\n".join([_prepend_resource_info(resource, error) for error in errors])) + else: + return [_prepend_resource_info(resource, msg) for msg in warnings + errors] + + def set_defaults(self, resource, definition): + definition['kind'] = resource.kind + definition['apiVersion'] = resource.group_version + metadata = definition.get('metadata', {}) + if self.name and not metadata.get('name'): + metadata['name'] = self.name + if resource.namespaced and self.namespace and not metadata.get('namespace'): + metadata['namespace'] = self.namespace + definition['metadata'] = metadata + return definition + + def perform_action(self, resource, definition): + result = {'changed': False, 'result': {}} + state = self.params.get('state', None) + force = self.params.get('force', False) + name = definition['metadata'].get('name') + namespace = definition['metadata'].get('namespace') + existing = None + wait = self.params.get('wait') + wait_sleep = self.params.get('wait_sleep') + wait_timeout = self.params.get('wait_timeout') + wait_condition = None + if self.params.get('wait_condition') and self.params['wait_condition'].get('type'): + wait_condition = self.params['wait_condition'] + + self.remove_aliases() + + try: + # ignore append_hash for resources other than ConfigMap and Secret + if self.append_hash and definition['kind'] in ['ConfigMap', 'Secret']: + name = '%s-%s' % (name, generate_hash(definition)) + definition['metadata']['name'] = name + params = dict(name=name) + if namespace: + params['namespace'] = namespace + existing = resource.get(**params) + except NotFoundError: + # Remove traceback so that it doesn't show up in later failures + try: + sys.exc_clear() + except AttributeError: + # no sys.exc_clear on python3 + pass + except ForbiddenError as exc: + if definition['kind'] in ['Project', 'ProjectRequest'] and state != 'absent': + return self.create_project_request(definition) + self.fail_json(msg='Failed to retrieve requested object: {0}'.format(exc.body), + error=exc.status, status=exc.status, reason=exc.reason) + except DynamicApiError as exc: + self.fail_json(msg='Failed to retrieve requested object: {0}'.format(exc.body), + error=exc.status, status=exc.status, reason=exc.reason) + + if state == 'absent': + result['method'] = "delete" + if not existing: + # The object already does not exist + return result + else: + # Delete the object + result['changed'] = True + if not self.check_mode: + try: + k8s_obj = resource.delete(**params) + result['result'] = k8s_obj.to_dict() + except DynamicApiError as exc: + self.fail_json(msg="Failed to delete object: {0}".format(exc.body), + error=exc.status, status=exc.status, reason=exc.reason) + if wait: + success, resource, duration = self.wait(resource, definition, wait_sleep, wait_timeout, 'absent') + result['duration'] = duration + if not success: + self.fail_json(msg="Resource deletion timed out", **result) + return result + else: + if self.apply: + if self.check_mode: + ignored, k8s_obj = apply_object(resource, definition) + else: + try: + k8s_obj = resource.apply(definition, namespace=namespace).to_dict() + except DynamicApiError as exc: + msg = "Failed to apply object: {0}".format(exc.body) + if self.warnings: + msg += "\n" + "\n ".join(self.warnings) + self.fail_json(msg=msg, error=exc.status, status=exc.status, reason=exc.reason) + success = True + result['result'] = k8s_obj + if wait: + success, result['result'], result['duration'] = self.wait(resource, definition, wait_sleep, wait_timeout, condition=wait_condition) + if existing: + existing = existing.to_dict() + else: + existing = {} + match, diffs = self.diff_objects(existing, result['result']) + result['changed'] = not match + result['diff'] = diffs + result['method'] = 'apply' + if not success: + self.fail_json(msg="Resource apply timed out", **result) + return result + + if not existing: + if self.check_mode: + k8s_obj = definition + else: + try: + k8s_obj = resource.create(definition, namespace=namespace).to_dict() + except ConflictError: + # Some resources, like ProjectRequests, can't be created multiple times, + # because the resources that they create don't match their kind + # In this case we'll mark it as unchanged and warn the user + self.warn("{0} was not found, but creating it returned a 409 Conflict error. This can happen \ + if the resource you are creating does not directly create a resource of the same kind.".format(name)) + return result + except DynamicApiError as exc: + msg = "Failed to create object: {0}".format(exc.body) + if self.warnings: + msg += "\n" + "\n ".join(self.warnings) + self.fail_json(msg=msg, error=exc.status, status=exc.status, reason=exc.reason) + success = True + result['result'] = k8s_obj + if wait and not self.check_mode: + success, result['result'], result['duration'] = self.wait(resource, definition, wait_sleep, wait_timeout, condition=wait_condition) + result['changed'] = True + result['method'] = 'create' + if not success: + self.fail_json(msg="Resource creation timed out", **result) + return result + + match = False + diffs = [] + + if existing and force: + if self.check_mode: + k8s_obj = definition + else: + try: + k8s_obj = resource.replace(definition, name=name, namespace=namespace, append_hash=self.append_hash).to_dict() + except DynamicApiError as exc: + msg = "Failed to replace object: {0}".format(exc.body) + if self.warnings: + msg += "\n" + "\n ".join(self.warnings) + self.fail_json(msg=msg, error=exc.status, status=exc.status, reason=exc.reason) + match, diffs = self.diff_objects(existing.to_dict(), k8s_obj) + success = True + result['result'] = k8s_obj + if wait: + success, result['result'], result['duration'] = self.wait(resource, definition, wait_sleep, wait_timeout, condition=wait_condition) + match, diffs = self.diff_objects(existing.to_dict(), result['result']) + result['changed'] = not match + result['method'] = 'replace' + result['diff'] = diffs + if not success: + self.fail_json(msg="Resource replacement timed out", **result) + return result + + # Differences exist between the existing obj and requested params + if self.check_mode: + k8s_obj = dict_merge(existing.to_dict(), definition) + else: + if LooseVersion(self.openshift_version) < LooseVersion("0.6.2"): + k8s_obj, error = self.patch_resource(resource, definition, existing, name, + namespace) + else: + for merge_type in self.params['merge_type'] or ['strategic-merge', 'merge']: + k8s_obj, error = self.patch_resource(resource, definition, existing, name, + namespace, merge_type=merge_type) + if not error: + break + if error: + self.fail_json(**error) + + success = True + result['result'] = k8s_obj + if wait: + success, result['result'], result['duration'] = self.wait(resource, definition, wait_sleep, wait_timeout, condition=wait_condition) + match, diffs = self.diff_objects(existing.to_dict(), result['result']) + result['changed'] = not match + result['method'] = 'patch' + result['diff'] = diffs + + if not success: + self.fail_json(msg="Resource update timed out", **result) + return result + + def patch_resource(self, resource, definition, existing, name, namespace, merge_type=None): + try: + params = dict(name=name, namespace=namespace) + if merge_type: + params['content_type'] = 'application/{0}-patch+json'.format(merge_type) + k8s_obj = resource.patch(definition, **params).to_dict() + match, diffs = self.diff_objects(existing.to_dict(), k8s_obj) + error = {} + return k8s_obj, {} + except DynamicApiError as exc: + msg = "Failed to patch object: {0}".format(exc.body) + if self.warnings: + msg += "\n" + "\n ".join(self.warnings) + error = dict(msg=msg, error=exc.status, status=exc.status, reason=exc.reason, warnings=self.warnings) + return None, error + + def create_project_request(self, definition): + definition['kind'] = 'ProjectRequest' + result = {'changed': False, 'result': {}} + resource = self.find_resource('ProjectRequest', definition['apiVersion'], fail=True) + if not self.check_mode: + try: + k8s_obj = resource.create(definition) + result['result'] = k8s_obj.to_dict() + except DynamicApiError as exc: + self.fail_json(msg="Failed to create object: {0}".format(exc.body), + error=exc.status, status=exc.status, reason=exc.reason) + result['changed'] = True + result['method'] = 'create' + return result + + def _wait_for(self, resource, name, namespace, predicate, sleep, timeout, state): + start = datetime.now() + + def _wait_for_elapsed(): + return (datetime.now() - start).seconds + + response = None + while _wait_for_elapsed() < timeout: + try: + response = resource.get(name=name, namespace=namespace) + if predicate(response): + if response: + return True, response.to_dict(), _wait_for_elapsed() + else: + return True, {}, _wait_for_elapsed() + time.sleep(sleep) + except NotFoundError: + if state == 'absent': + return True, {}, _wait_for_elapsed() + if response: + response = response.to_dict() + return False, response, _wait_for_elapsed() + + def wait(self, resource, definition, sleep, timeout, state='present', condition=None): + + def _deployment_ready(deployment): + # FIXME: frustratingly bool(deployment.status) is True even if status is empty + # Furthermore deployment.status.availableReplicas == deployment.status.replicas == None if status is empty + return (deployment.status and deployment.status.replicas is not None and + deployment.status.availableReplicas == deployment.status.replicas and + deployment.status.observedGeneration == deployment.metadata.generation) + + def _pod_ready(pod): + return (pod.status and pod.status.containerStatuses is not None and + all([container.ready for container in pod.status.containerStatuses])) + + def _daemonset_ready(daemonset): + return (daemonset.status and daemonset.status.desiredNumberScheduled is not None and + daemonset.status.numberReady == daemonset.status.desiredNumberScheduled and + daemonset.status.observedGeneration == daemonset.metadata.generation) + + def _custom_condition(resource): + if not resource.status or not resource.status.conditions: + return False + match = [x for x in resource.status.conditions if x.type == condition['type']] + if not match: + return False + # There should never be more than one condition of a specific type + match = match[0] + if match.status == 'Unknown': + if match.status == condition['status']: + if 'reason' not in condition: + return True + if condition['reason']: + return match.reason == condition['reason'] + return False + status = True if match.status == 'True' else False + if status == condition['status']: + if condition.get('reason'): + return match.reason == condition['reason'] + return True + return False + + def _resource_absent(resource): + return not resource + + waiter = dict( + Deployment=_deployment_ready, + DaemonSet=_daemonset_ready, + Pod=_pod_ready + ) + kind = definition['kind'] + if state == 'present' and not condition: + predicate = waiter.get(kind, lambda x: x) + elif state == 'present' and condition: + predicate = _custom_condition + else: + predicate = _resource_absent + return self._wait_for(resource, definition['metadata']['name'], definition['metadata'].get('namespace'), predicate, sleep, timeout, state) diff --git a/plugins/module_utils/scale.py b/plugins/module_utils/scale.py new file mode 100644 index 00000000..4b798bb2 --- /dev/null +++ b/plugins/module_utils/scale.py @@ -0,0 +1,244 @@ +# +# Copyright 2018 Red Hat | Ansible +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +import copy +import math +import time + +from ansible_collections.community.kubernetes.plugins.module_utils.common import AUTH_ARG_SPEC, COMMON_ARG_SPEC +from ansible_collections.community.kubernetes.plugins.module_utils.common import KubernetesAnsibleModule +from ansible.module_utils.six import string_types + +try: + import yaml + from openshift import watch + from openshift.dynamic.client import ResourceInstance + from openshift.helper.exceptions import KubernetesException +except ImportError as exc: + class KubernetesException(Exception): + pass + + +SCALE_ARG_SPEC = { + 'replicas': {'type': 'int', 'required': True}, + 'current_replicas': {'type': 'int'}, + 'resource_version': {}, + 'wait': {'type': 'bool', 'default': True}, + 'wait_timeout': {'type': 'int', 'default': 20}, +} + + +class KubernetesAnsibleScaleModule(KubernetesAnsibleModule): + + def __init__(self, k8s_kind=None, *args, **kwargs): + self.client = None + self.warnings = [] + + mutually_exclusive = [ + ('resource_definition', 'src'), + ] + + KubernetesAnsibleModule.__init__(self, *args, + mutually_exclusive=mutually_exclusive, + supports_check_mode=True, + **kwargs) + self.kind = k8s_kind or self.params.get('kind') + self.api_version = self.params.get('api_version') + self.name = self.params.get('name') + self.namespace = self.params.get('namespace') + resource_definition = self.params.get('resource_definition') + + if resource_definition: + if isinstance(resource_definition, string_types): + try: + self.resource_definitions = yaml.safe_load_all(resource_definition) + except (IOError, yaml.YAMLError) as exc: + self.fail(msg="Error loading resource_definition: {0}".format(exc)) + elif isinstance(resource_definition, list): + self.resource_definitions = resource_definition + else: + self.resource_definitions = [resource_definition] + src = self.params.get('src') + if src: + self.resource_definitions = self.load_resource_definitions(src) + + if not resource_definition and not src: + implicit_definition = dict( + kind=self.kind, + apiVersion=self.api_version, + metadata=dict(name=self.name) + ) + if self.namespace: + implicit_definition['metadata']['namespace'] = self.namespace + self.resource_definitions = [implicit_definition] + + def execute_module(self): + definition = self.resource_definitions[0] + + self.client = self.get_api_client() + + name = definition['metadata']['name'] + namespace = definition['metadata'].get('namespace') + api_version = definition['apiVersion'] + kind = definition['kind'] + current_replicas = self.params.get('current_replicas') + replicas = self.params.get('replicas') + resource_version = self.params.get('resource_version') + + wait = self.params.get('wait') + wait_time = self.params.get('wait_timeout') + existing = None + existing_count = None + return_attributes = dict(changed=False, result=dict()) + + resource = self.find_resource(kind, api_version, fail=True) + + try: + existing = resource.get(name=name, namespace=namespace) + return_attributes['result'] = existing.to_dict() + except KubernetesException as exc: + self.fail_json(msg='Failed to retrieve requested object: {0}'.format(exc), + error=exc.value.get('status')) + + if self.kind == 'job': + existing_count = existing.spec.parallelism + elif hasattr(existing.spec, 'replicas'): + existing_count = existing.spec.replicas + + if existing_count is None: + self.fail_json(msg='Failed to retrieve the available count for the requested object.') + + if resource_version and resource_version != existing.metadata.resourceVersion: + self.exit_json(**return_attributes) + + if current_replicas is not None and existing_count != current_replicas: + self.exit_json(**return_attributes) + + if existing_count != replicas: + return_attributes['changed'] = True + if not self.check_mode: + if self.kind == 'job': + existing.spec.parallelism = replicas + k8s_obj = resource.patch(existing.to_dict()) + else: + k8s_obj = self.scale(resource, existing, replicas, wait, wait_time) + return_attributes['result'] = k8s_obj.to_dict() + + self.exit_json(**return_attributes) + + @property + def argspec(self): + args = copy.deepcopy(COMMON_ARG_SPEC) + args.pop('state') + args.pop('force') + args.update(AUTH_ARG_SPEC) + args.update(SCALE_ARG_SPEC) + return args + + def scale(self, resource, existing_object, replicas, wait, wait_time): + name = existing_object.metadata.name + namespace = existing_object.metadata.namespace + + if not hasattr(resource, 'scale'): + self.fail_json( + msg="Cannot perform scale on resource of kind {0}".format(resource.kind) + ) + + scale_obj = {'metadata': {'name': name, 'namespace': namespace}, 'spec': {'replicas': replicas}} + + return_obj = None + stream = None + + if wait: + w, stream = self._create_stream(resource, namespace, wait_time) + + try: + resource.scale.patch(body=scale_obj) + except Exception as exc: + self.fail_json( + msg="Scale request failed: {0}".format(exc) + ) + + if wait and stream is not None: + return_obj = self._read_stream(resource, w, stream, name, replicas) + + if not return_obj: + return_obj = self._wait_for_response(resource, name, namespace) + + return return_obj + + def _create_stream(self, resource, namespace, wait_time): + """ Create a stream of events for the object """ + w = None + stream = None + try: + w = watch.Watch() + w._api_client = self.client.client + if namespace: + stream = w.stream(resource.get, serialize=False, namespace=namespace, timeout_seconds=wait_time) + else: + stream = w.stream(resource.get, serialize=False, namespace=namespace, timeout_seconds=wait_time) + except KubernetesException: + pass + return w, stream + + def _read_stream(self, resource, watcher, stream, name, replicas): + """ Wait for ready_replicas to equal the requested number of replicas. """ + return_obj = None + try: + for event in stream: + if event.get('object'): + obj = ResourceInstance(resource, event['object']) + if obj.metadata.name == name and hasattr(obj, 'status'): + if replicas == 0: + if not hasattr(obj.status, 'readyReplicas') or not obj.status.readyReplicas: + return_obj = obj + watcher.stop() + break + if hasattr(obj.status, 'readyReplicas') and obj.status.readyReplicas == replicas: + return_obj = obj + watcher.stop() + break + except Exception as exc: + self.fail_json(msg="Exception reading event stream: {0}".format(exc)) + + if not return_obj: + self.fail_json(msg="Error fetching the patched object. Try a higher wait_timeout value.") + if replicas and return_obj.status.readyReplicas is None: + self.fail_json(msg="Failed to fetch the number of ready replicas. Try a higher wait_timeout value.") + if replicas and return_obj.status.readyReplicas != replicas: + self.fail_json(msg="Number of ready replicas is {0}. Failed to reach {1} ready replicas within " + "the wait_timeout period.".format(return_obj.status.ready_replicas, replicas)) + return return_obj + + def _wait_for_response(self, resource, name, namespace): + """ Wait for an API response """ + tries = 0 + half = math.ceil(20 / 2) + obj = None + + while tries <= half: + obj = resource.get(name=name, namespace=namespace) + if obj: + break + tries += 2 + time.sleep(2) + return obj diff --git a/plugins/modules/__init__.py b/plugins/modules/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/modules/k8s.py b/plugins/modules/k8s.py new file mode 100644 index 00000000..91646da2 --- /dev/null +++ b/plugins/modules/k8s.py @@ -0,0 +1,287 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# (c) 2018, Chris Houseknecht <@chouseknecht> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s + +short_description: Manage Kubernetes (K8s) objects + +version_added: "2.6" + +author: + - "Chris Houseknecht (@chouseknecht)" + - "Fabian von Feilitzsch (@fabianvf)" + +description: + - Use the OpenShift Python client to perform CRUD operations on K8s objects. + - Pass the object definition from a source file or inline. See examples for reading + files and using Jinja templates or vault-encrypted files. + - Access to the full range of K8s APIs. + - Use the M(k8s_info) module to obtain a list of items about an object of type C(kind) + - Authenticate using either a config file, certificates, password or token. + - Supports check mode. + +extends_documentation_fragment: + - community.kubernetes.k8s_state_options + - community.kubernetes.k8s_name_options + - community.kubernetes.k8s_resource_options + - community.kubernetes.k8s_auth_options + +notes: + - If your OpenShift Python library is not 0.9.0 or newer and you are trying to + remove an item from an associative array/dictionary, for example a label or + an annotation, you will need to explicitly set the value of the item to be + removed to `null`. Simply deleting the entry in the dictionary will not + remove it from openshift or kubernetes. + +options: + merge_type: + description: + - Whether to override the default patch merge approach with a specific type. By default, the strategic + merge will typically be used. + - For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may + want to use C(merge) if you see "strategic merge patch format is not supported" + - See U(https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment) + - Requires openshift >= 0.6.2 + - If more than one merge_type is given, the merge_types will be tried in order + - If openshift >= 0.6.2, this defaults to C(['strategic-merge', 'merge']), which is ideal for using the same parameters + on resource kinds that combine Custom Resources and built-in resources. For openshift < 0.6.2, the default + is simply C(strategic-merge). + - mutually exclusive with C(apply) + choices: + - json + - merge + - strategic-merge + type: list + version_added: "2.7" + wait: + description: + - Whether to wait for certain resource kinds to end up in the desired state. By default the module exits once Kubernetes has + received the request + - Implemented for C(state=present) for C(Deployment), C(DaemonSet) and C(Pod), and for C(state=absent) for all resource kinds. + - For resource kinds without an implementation, C(wait) returns immediately unless C(wait_condition) is set. + default: no + type: bool + version_added: "2.8" + wait_sleep: + description: + - Number of seconds to sleep between checks. + default: 5 + type: int + version_added: "2.9" + wait_timeout: + description: + - How long in seconds to wait for the resource to end up in the desired state. Ignored if C(wait) is not set. + default: 120 + type: int + version_added: "2.8" + wait_condition: + description: + - Specifies a custom condition on the status to wait for. Ignored if C(wait) is not set or is set to False. + suboptions: + type: + type: str + description: + - The type of condition to wait for. For example, the C(Pod) resource will set the C(Ready) condition (among others) + - Required if you are specifying a C(wait_condition). If left empty, the C(wait_condition) field will be ignored. + - The possible types for a condition are specific to each resource type in Kubernetes. See the API documentation of the status field + for a given resource to see possible choices. + status: + type: str + description: + - The value of the status field in your desired condition. + - For example, if a C(Deployment) is paused, the C(Progressing) C(type) will have the C(Unknown) status. + choices: + - True + - False + - Unknown + default: "True" + reason: + type: str + description: + - The value of the reason field in your desired condition + - For example, if a C(Deployment) is paused, The C(Progressing) c(type) will have the C(DeploymentPaused) reason. + - The possible reasons in a condition are specific to each resource type in Kubernetes. See the API documentation of the status field + for a given resource to see possible choices. + type: dict + version_added: "2.8" + validate: + description: + - how (if at all) to validate the resource definition against the kubernetes schema. + Requires the kubernetes-validate python module + suboptions: + fail_on_error: + description: whether to fail on validation errors. + type: bool + version: + description: version of Kubernetes to validate against. defaults to Kubernetes server version + type: str + strict: + description: whether to fail when passing unexpected properties + default: True + type: bool + type: dict + version_added: "2.8" + append_hash: + description: + - Whether to append a hash to a resource name for immutability purposes + - Applies only to ConfigMap and Secret resources + - The parameter will be silently ignored for other resource kinds + - The full definition of an object is needed to generate the hash - this means that deleting an object created with append_hash + will only work if the same object is passed with state=absent (alternatively, just use state=absent with the name including + the generated hash and append_hash=no) + type: bool + version_added: "2.8" + apply: + description: + - C(apply) compares the desired resource definition with the previously supplied resource definition, + ignoring properties that are automatically generated + - C(apply) works better with Services than 'force=yes' + - mutually exclusive with C(merge_type) + type: bool + version_added: "2.9" + +requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +- name: Create a k8s namespace + k8s: + name: testing + api_version: v1 + kind: Namespace + state: present + +- name: Create a Service object from an inline definition + k8s: + state: present + definition: + apiVersion: v1 + kind: Service + metadata: + name: web + namespace: testing + labels: + app: galaxy + service: web + spec: + selector: + app: galaxy + service: web + ports: + - protocol: TCP + targetPort: 8000 + name: port-8000-tcp + port: 8000 + +- name: Create a Service object by reading the definition from a file + k8s: + state: present + src: /testing/service.yml + +- name: Remove an existing Service object + k8s: + state: absent + api_version: v1 + kind: Service + namespace: testing + name: web + +# Passing the object definition from a file + +- name: Create a Deployment by reading the definition from a local file + k8s: + state: present + src: /testing/deployment.yml + +- name: >- + Read definition file from the Ansible controller file system. + If the definition file has been encrypted with Ansible Vault it will automatically be decrypted. + k8s: + state: present + definition: "{{ lookup('file', '/testing/deployment.yml') }}" + +- name: Read definition file from the Ansible controller file system after Jinja templating + k8s: + state: present + definition: "{{ lookup('template', '/testing/deployment.yml') }}" + +- name: fail on validation errors + k8s: + state: present + definition: "{{ lookup('template', '/testing/deployment.yml') }}" + validate: + fail_on_error: yes + +- name: warn on validation errors, check for unexpected properties + k8s: + state: present + definition: "{{ lookup('template', '/testing/deployment.yml') }}" + validate: + fail_on_error: no + strict: yes +''' + +RETURN = ''' +result: + description: + - The created, patched, or otherwise present object. Will be empty in the case of a deletion. + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex + items: + description: Returned only when multiple yaml documents are passed to src or resource_definition + returned: when resource_definition or src contains list of objects + type: list + duration: + description: elapsed time of task in seconds + returned: when C(wait) is true + type: int + sample: 48 +''' + +from ansible_collections.community.kubernetes.plugins.module_utils.raw import KubernetesRawModule + + +def main(): + KubernetesRawModule().execute_module() + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_auth.py b/plugins/modules/k8s_auth.py new file mode 100644 index 00000000..f735157b --- /dev/null +++ b/plugins/modules/k8s_auth.py @@ -0,0 +1,342 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2018, KubeVirt Team <@kubevirt> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s_auth + +short_description: Authenticate to Kubernetes clusters which require an explicit login step + +version_added: "2.8" + +author: KubeVirt Team (@kubevirt) + +description: + - "This module handles authenticating to Kubernetes clusters requiring I(explicit) authentication procedures, + meaning ones where a client logs in (obtains an authentication token), performs API operations using said + token and then logs out (revokes the token). An example of a Kubernetes distribution requiring this module + is OpenShift." + - "On the other hand a popular configuration for username+password authentication is one utilizing HTTP Basic + Auth, which does not involve any additional login/logout steps (instead login credentials can be attached + to each and every API call performed) and as such is handled directly by the C(k8s) module (and other + resource–specific modules) by utilizing the C(host), C(username) and C(password) parameters. Please + consult your preferred module's documentation for more details." + +options: + state: + description: + - If set to I(present) connect to the API server using the URL specified in C(host) and attempt to log in. + - If set to I(absent) attempt to log out by revoking the authentication token specified in C(api_key). + default: present + choices: + - present + - absent + type: str + host: + description: + - Provide a URL for accessing the API server. + required: true + type: str + username: + description: + - Provide a username for authenticating with the API server. + type: str + password: + description: + - Provide a password for authenticating with the API server. + type: str + ca_cert: + description: + - "Path to a CA certificate file used to verify connection to the API server. The full certificate chain + must be provided to avoid certificate validation errors." + aliases: [ ssl_ca_cert ] + type: path + validate_certs: + description: + - "Whether or not to verify the API server's SSL certificates." + type: bool + default: true + aliases: [ verify_ssl ] + api_key: + description: + - When C(state) is set to I(absent), this specifies the token to revoke. + type: str + +requirements: + - python >= 2.7 + - urllib3 + - requests + - requests-oauthlib +''' + +EXAMPLES = ''' +- hosts: localhost + module_defaults: + group/k8s: + host: https://k8s.example.com/ + ca_cert: ca.pem + tasks: + - block: + # It's good practice to store login credentials in a secure vault and not + # directly in playbooks. + - include_vars: k8s_passwords.yml + + - name: Log in (obtain access token) + k8s_auth: + username: admin + password: "{{ k8s_admin_password }}" + register: k8s_auth_results + + # Previous task provides the token/api_key, while all other parameters + # are taken from module_defaults + - name: Get a list of all pods from any namespace + k8s_info: + api_key: "{{ k8s_auth_results.k8s_auth.api_key }}" + kind: Pod + register: pod_list + + always: + - name: If login succeeded, try to log out (revoke access token) + when: k8s_auth_results.k8s_auth.api_key is defined + k8s_auth: + state: absent + api_key: "{{ k8s_auth_results.k8s_auth.api_key }}" +''' + +# Returned value names need to match k8s modules parameter names, to make it +# easy to pass returned values of k8s_auth to other k8s modules. +# Discussion: https://github.com/ansible/ansible/pull/50807#discussion_r248827899 +RETURN = ''' +k8s_auth: + description: Kubernetes authentication facts. + returned: success + type: complex + contains: + api_key: + description: Authentication token. + returned: success + type: str + host: + description: URL for accessing the API server. + returned: success + type: str + ca_cert: + description: Path to a CA certificate file used to verify connection to the API server. + returned: success + type: str + validate_certs: + description: "Whether or not to verify the API server's SSL certificates." + returned: success + type: bool + username: + description: Username for authenticating with the API server. + returned: success + type: str +''' + + +import traceback + +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.six.moves.urllib_parse import urlparse, parse_qs, urlencode + +# 3rd party imports +try: + import requests + HAS_REQUESTS = True +except ImportError: + HAS_REQUESTS = False + +try: + from requests_oauthlib import OAuth2Session + HAS_REQUESTS_OAUTH = True +except ImportError: + HAS_REQUESTS_OAUTH = False + +try: + from urllib3.util import make_headers + HAS_URLLIB3 = True +except ImportError: + HAS_URLLIB3 = False + + +K8S_AUTH_ARG_SPEC = { + 'state': { + 'default': 'present', + 'choices': ['present', 'absent'], + }, + 'host': {'required': True}, + 'username': {}, + 'password': {'no_log': True}, + 'ca_cert': {'type': 'path', 'aliases': ['ssl_ca_cert']}, + 'validate_certs': { + 'type': 'bool', + 'default': True, + 'aliases': ['verify_ssl'] + }, + 'api_key': {'no_log': True}, +} + + +class KubernetesAuthModule(AnsibleModule): + def __init__(self): + AnsibleModule.__init__( + self, + argument_spec=K8S_AUTH_ARG_SPEC, + required_if=[ + ('state', 'present', ['username', 'password']), + ('state', 'absent', ['api_key']), + ] + ) + + if not HAS_REQUESTS: + self.fail("This module requires the python 'requests' package. Try `pip install requests`.") + + if not HAS_REQUESTS_OAUTH: + self.fail("This module requires the python 'requests-oauthlib' package. Try `pip install requests-oauthlib`.") + + if not HAS_URLLIB3: + self.fail("This module requires the python 'urllib3' package. Try `pip install urllib3`.") + + def execute_module(self): + state = self.params.get('state') + verify_ssl = self.params.get('validate_certs') + ssl_ca_cert = self.params.get('ca_cert') + + self.auth_username = self.params.get('username') + self.auth_password = self.params.get('password') + self.auth_api_key = self.params.get('api_key') + self.con_host = self.params.get('host') + + # python-requests takes either a bool or a path to a ca file as the 'verify' param + if verify_ssl and ssl_ca_cert: + self.con_verify_ca = ssl_ca_cert # path + else: + self.con_verify_ca = verify_ssl # bool + + # Get needed info to access authorization APIs + self.openshift_discover() + + if state == 'present': + new_api_key = self.openshift_login() + result = dict( + host=self.con_host, + validate_certs=verify_ssl, + ca_cert=ssl_ca_cert, + api_key=new_api_key, + username=self.auth_username, + ) + else: + self.openshift_logout() + result = dict() + + self.exit_json(changed=False, k8s_auth=result) + + def openshift_discover(self): + url = '{0}/.well-known/oauth-authorization-server'.format(self.con_host) + ret = requests.get(url, verify=self.con_verify_ca) + + if ret.status_code != 200: + self.fail_request("Couldn't find OpenShift's OAuth API", method='GET', url=url, + reason=ret.reason, status_code=ret.status_code) + + try: + oauth_info = ret.json() + + self.openshift_auth_endpoint = oauth_info['authorization_endpoint'] + self.openshift_token_endpoint = oauth_info['token_endpoint'] + except Exception as e: + self.fail_json(msg="Something went wrong discovering OpenShift OAuth details.", + exception=traceback.format_exc()) + + def openshift_login(self): + os_oauth = OAuth2Session(client_id='openshift-challenging-client') + authorization_url, state = os_oauth.authorization_url(self.openshift_auth_endpoint, + state="1", code_challenge_method='S256') + auth_headers = make_headers(basic_auth='{0}:{1}'.format(self.auth_username, self.auth_password)) + + # Request authorization code using basic auth credentials + ret = os_oauth.get( + authorization_url, + headers={'X-Csrf-Token': state, 'authorization': auth_headers.get('authorization')}, + verify=self.con_verify_ca, + allow_redirects=False + ) + + if ret.status_code != 302: + self.fail_request("Authorization failed.", method='GET', url=authorization_url, + reason=ret.reason, status_code=ret.status_code) + + # In here we have `code` and `state`, I think `code` is the important one + qwargs = {} + for k, v in parse_qs(urlparse(ret.headers['Location']).query).items(): + qwargs[k] = v[0] + qwargs['grant_type'] = 'authorization_code' + + # Using authorization code given to us in the Location header of the previous request, request a token + ret = os_oauth.post( + self.openshift_token_endpoint, + headers={ + 'Accept': 'application/json', + 'Content-Type': 'application/x-www-form-urlencoded', + # This is just base64 encoded 'openshift-challenging-client:' + 'Authorization': 'Basic b3BlbnNoaWZ0LWNoYWxsZW5naW5nLWNsaWVudDo=' + }, + data=urlencode(qwargs), + verify=self.con_verify_ca + ) + + if ret.status_code != 200: + self.fail_request("Failed to obtain an authorization token.", method='POST', + url=self.openshift_token_endpoint, + reason=ret.reason, status_code=ret.status_code) + + return ret.json()['access_token'] + + def openshift_logout(self): + url = '{0}/apis/oauth.openshift.io/v1/oauthaccesstokens/{1}'.format(self.con_host, self.auth_api_key) + headers = { + 'Accept': 'application/json', + 'Content-Type': 'application/json', + 'Authorization': 'Bearer {0}'.format(self.auth_api_key) + } + json = { + "apiVersion": "oauth.openshift.io/v1", + "kind": "DeleteOptions" + } + + ret = requests.delete(url, headers=headers, json=json, verify=self.con_verify_ca) + # Ignore errors, the token will time out eventually anyway + + def fail(self, msg=None): + self.fail_json(msg=msg) + + def fail_request(self, msg, **kwargs): + req_info = {} + for k, v in kwargs.items(): + req_info['req_' + k] = v + self.fail_json(msg=msg, **req_info) + + +def main(): + module = KubernetesAuthModule() + try: + module.execute_module() + except Exception as e: + module.fail_json(msg=str(e), exception=traceback.format_exc()) + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_info.py b/plugins/modules/k8s_info.py new file mode 100644 index 00000000..c7db1c5b --- /dev/null +++ b/plugins/modules/k8s_info.py @@ -0,0 +1,185 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# (c) 2018, Will Thames <@willthames> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' +module: k8s_info + +short_description: Describe Kubernetes (K8s) objects + +version_added: "2.7" + +author: + - "Will Thames (@willthames)" + +description: + - Use the OpenShift Python client to perform read operations on K8s objects. + - Access to the full range of K8s APIs. + - Authenticate using either a config file, certificates, password or token. + - Supports check mode. + - This module was called C(k8s_facts) before Ansible 2.9. The usage did not change. + +options: + api_version: + description: + - Use to specify the API version. in conjunction with I(kind), I(name), and I(namespace) to identify a + specific object. + default: v1 + aliases: + - api + - version + type: str + kind: + description: + - Use to specify an object model. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a + specific object. + required: yes + type: str + name: + description: + - Use to specify an object name. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a + specific object. + type: str + namespace: + description: + - Use to specify an object namespace. Use in conjunction with I(api_version), I(kind), and I(name) + to identify a specific object. + type: str + label_selectors: + description: List of label selectors to use to filter results + type: list + field_selectors: + description: List of field selectors to use to filter results + type: list + +extends_documentation_fragment: + - community.kubernetes.k8s_auth_options + +requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +- name: Get an existing Service object + k8s_info: + api_version: v1 + kind: Service + name: web + namespace: testing + register: web_service + +- name: Get a list of all service objects + k8s_info: + api_version: v1 + kind: Service + namespace: testing + register: service_list + +- name: Get a list of all pods from any namespace + k8s_info: + kind: Pod + register: pod_list + +- name: Search for all Pods labelled app=web + k8s_info: + kind: Pod + label_selectors: + - app = web + - tier in (dev, test) + +- name: Search for all running pods + k8s_info: + kind: Pod + field_selectors: + - status.phase=Running +''' + +RETURN = ''' +resources: + description: + - The object(s) that exists + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: dict + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: dict + status: + description: Current status details for the object. + returned: success + type: dict +''' + + +from ansible_collections.community.kubernetes.plugins.module_utils.common import KubernetesAnsibleModule, AUTH_ARG_SPEC +import copy + + +class KubernetesInfoModule(KubernetesAnsibleModule): + + def __init__(self, *args, **kwargs): + KubernetesAnsibleModule.__init__(self, *args, + supports_check_mode=True, + **kwargs) + if self._name == 'k8s_facts': + self.deprecate("The 'k8s_facts' module has been renamed to 'k8s_info'", version='2.13') + + def execute_module(self): + self.client = self.get_api_client() + + self.exit_json(changed=False, + **self.kubernetes_facts(self.params['kind'], + self.params['api_version'], + self.params['name'], + self.params['namespace'], + self.params['label_selectors'], + self.params['field_selectors'])) + + @property + def argspec(self): + args = copy.deepcopy(AUTH_ARG_SPEC) + args.update( + dict( + kind=dict(required=True), + api_version=dict(default='v1', aliases=['api', 'version']), + name=dict(), + namespace=dict(), + label_selectors=dict(type='list', default=[]), + field_selectors=dict(type='list', default=[]), + ) + ) + return args + + +def main(): + KubernetesInfoModule().execute_module() + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_scale.py b/plugins/modules/k8s_scale.py new file mode 100644 index 00000000..81dca908 --- /dev/null +++ b/plugins/modules/k8s_scale.py @@ -0,0 +1,129 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# (c) 2018, Chris Houseknecht <@chouseknecht> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + + +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s_scale + +short_description: Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job. + +version_added: "2.5" + +author: + - "Chris Houseknecht (@chouseknecht)" + - "Fabian von Feilitzsch (@fabianvf)" + +description: + - Similar to the kubectl scale command. Use to set the number of replicas for a Deployment, ReplicaSet, + or Replication Controller, or the parallelism attribute of a Job. Supports check mode. + +extends_documentation_fragment: + - community.kubernetes.k8s_name_options + - community.kubernetes.k8s_auth_options + - community.kubernetes.k8s_resource_options + - community.kubernetes.k8s_scale_options + +requirements: + - "python >= 2.7" + - "openshift >= 0.6" + - "PyYAML >= 3.11" +''' + +EXAMPLES = ''' +- name: Scale deployment up, and extend timeout + k8s_scale: + api_version: v1 + kind: Deployment + name: elastic + namespace: myproject + replicas: 3 + wait_timeout: 60 + +- name: Scale deployment down when current replicas match + k8s_scale: + api_version: v1 + kind: Deployment + name: elastic + namespace: myproject + current_replicas: 3 + replicas: 2 + +- name: Increase job parallelism + k8s_scale: + api_version: batch/v1 + kind: job + name: pi-with-timeout + namespace: testing + replicas: 2 + +# Match object using local file or inline definition + +- name: Scale deployment based on a file from the local filesystem + k8s_scale: + src: /myproject/elastic_deployment.yml + replicas: 3 + wait: no + +- name: Scale deployment based on a template output + k8s_scale: + resource_definition: "{{ lookup('template', '/myproject/elastic_deployment.yml') | from_yaml }}" + replicas: 3 + wait: no + +- name: Scale deployment based on a file from the Ansible controller filesystem + k8s_scale: + resource_definition: "{{ lookup('file', '/myproject/elastic_deployment.yml') | from_yaml }}" + replicas: 3 + wait: no +''' + +RETURN = ''' +result: + description: + - If a change was made, will return the patched object, otherwise returns the existing object. + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Represents the REST resource this object represents. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex +''' + +from ansible_collections.community.kubernetes.plugins.module_utils.scale import KubernetesAnsibleScaleModule + + +def main(): + KubernetesAnsibleScaleModule().execute_module() + + +if __name__ == '__main__': + main() diff --git a/plugins/modules/k8s_service.py b/plugins/modules/k8s_service.py new file mode 100644 index 00000000..dc580019 --- /dev/null +++ b/plugins/modules/k8s_service.py @@ -0,0 +1,269 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2018, KubeVirt Team <@kubevirt> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' + +module: k8s_service + +short_description: Manage Services on Kubernetes + +version_added: "2.8" + +author: KubeVirt Team (@kubevirt) + +description: + - Use Openshift Python SDK to manage Services on Kubernetes + +extends_documentation_fragment: + - community.kubernetes.k8s_auth_options + +options: + resource_definition: + description: + - A partial YAML definition of the Service object being created/updated. Here you can define Kubernetes + Service Resource parameters not covered by this module's parameters. + - "NOTE: I(resource_definition) has lower priority than module parameters. If you try to define e.g. + I(metadata.namespace) here, that value will be ignored and I(metadata) used instead." + aliases: + - definition + - inline + type: dict + state: + description: + - Determines if an object should be created, patched, or deleted. When set to C(present), an object will be + created, if it does not already exist. If set to C(absent), an existing object will be deleted. If set to + C(present), an existing object will be patched, if its attributes differ from those specified using + module options and I(resource_definition). + default: present + choices: + - present + - absent + type: str + force: + description: + - If set to C(True), and I(state) is C(present), an existing object will be replaced. + default: false + type: bool + merge_type: + description: + - Whether to override the default patch merge approach with a specific type. By default, the strategic + merge will typically be used. + - For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may + want to use C(merge) if you see "strategic merge patch format is not supported" + - See U(https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment) + - Requires openshift >= 0.6.2 + - If more than one merge_type is given, the merge_types will be tried in order + - If openshift >= 0.6.2, this defaults to C(['strategic-merge', 'merge']), which is ideal for using the same parameters + on resource kinds that combine Custom Resources and built-in resources. For openshift < 0.6.2, the default + is simply C(strategic-merge). + choices: + - json + - merge + - strategic-merge + type: list + name: + description: + - Use to specify a Service object name. + required: true + type: str + namespace: + description: + - Use to specify a Service object namespace. + required: true + type: str + type: + description: + - Specifies the type of Service to create. + - See U(https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) + choices: + - NodePort + - ClusterIP + - LoadBalancer + - ExternalName + type: str + ports: + description: + - A list of ports to expose. + - U(https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services) + type: list + selector: + description: + - Label selectors identify objects this Service should apply to. + - U(https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + type: dict + +requirements: + - python >= 2.7 + - openshift >= 0.6.2 +''' + +EXAMPLES = ''' +- name: Expose https port with ClusterIP + k8s_service: + state: present + name: test-https + namespace: default + ports: + - port: 443 + protocol: TCP + selector: + key: special + +- name: Expose https port with ClusterIP using spec + k8s_service: + state: present + name: test-https + namespace: default + inline: + spec: + ports: + - port: 443 + protocol: TCP + selector: + key: special +''' + +RETURN = ''' +result: + description: + - The created, patched, or otherwise present Service object. Will be empty in the case of a deletion. + returned: success + type: complex + contains: + api_version: + description: The versioned schema of this representation of an object. + returned: success + type: str + kind: + description: Always 'Service'. + returned: success + type: str + metadata: + description: Standard object metadata. Includes name, namespace, annotations, labels, etc. + returned: success + type: complex + spec: + description: Specific attributes of the object. Will vary based on the I(api_version) and I(kind). + returned: success + type: complex + status: + description: Current status details for the object. + returned: success + type: complex +''' + +import copy +import traceback + +from collections import defaultdict + +from ansible_collections.community.kubernetes.plugins.module_utils.common import AUTH_ARG_SPEC, COMMON_ARG_SPEC +from ansible_collections.community.kubernetes.plugins.module_utils.raw import KubernetesRawModule + + +SERVICE_ARG_SPEC = { + 'state': { + 'default': 'present', + 'choices': ['present', 'absent'], + }, + 'force': { + 'type': 'bool', + 'default': False, + }, + 'resource_definition': { + 'type': 'dict', + 'aliases': ['definition', 'inline'] + }, + 'name': {'required': True}, + 'namespace': {'required': True}, + 'merge_type': {'type': 'list', 'choices': ['json', 'merge', 'strategic-merge']}, + 'selector': {'type': 'dict'}, + 'type': { + 'type': 'str', + 'choices': [ + 'NodePort', 'ClusterIP', 'LoadBalancer', 'ExternalName' + ], + }, + 'ports': {'type': 'list'}, +} + + +class KubernetesService(KubernetesRawModule): + def __init__(self, *args, **kwargs): + super(KubernetesService, self).__init__(*args, k8s_kind='Service', **kwargs) + + @staticmethod + def merge_dicts(x, y): + for k in set(x.keys()).union(y.keys()): + if k in x and k in y: + if isinstance(x[k], dict) and isinstance(y[k], dict): + yield (k, dict(KubernetesService.merge_dicts(x[k], y[k]))) + else: + yield (k, y[k]) + elif k in x: + yield (k, x[k]) + else: + yield (k, y[k]) + + @property + def argspec(self): + """ argspec property builder """ + argument_spec = copy.deepcopy(AUTH_ARG_SPEC) + argument_spec.update(SERVICE_ARG_SPEC) + return argument_spec + + def execute_module(self): + """ Module execution """ + self.client = self.get_api_client() + + api_version = 'v1' + selector = self.params.get('selector') + service_type = self.params.get('type') + ports = self.params.get('ports') + + definition = defaultdict(defaultdict) + + definition['kind'] = 'Service' + definition['apiVersion'] = api_version + + def_spec = definition['spec'] + def_spec['type'] = service_type + def_spec['ports'] = ports + def_spec['selector'] = selector + + def_meta = definition['metadata'] + def_meta['name'] = self.params.get('name') + def_meta['namespace'] = self.params.get('namespace') + + # 'resource_definition:' has lower priority than module parameters + definition = dict(self.merge_dicts(self.resource_definitions[0], definition)) + + resource = self.find_resource('Service', api_version, fail=True) + definition = self.set_defaults(resource, definition) + result = self.perform_action(resource, definition) + + self.exit_json(**result) + + +def main(): + module = KubernetesService() + try: + module.execute_module() + except Exception as e: + module.fail_json(msg=str(e), exception=traceback.format_exc()) + + +if __name__ == '__main__': + main() diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index be9925fe..00000000 --- a/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -https://github.com/openshift/openshift-restclient-python/archive/master.tar.gz#egg=openshift diff --git a/tasks/main.yml b/tasks/main.yml deleted file mode 100644 index 55c73ccf..00000000 --- a/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -# tasks/main.yml ---- - -- name: Install latest openshift client - pip: - name: https://github.com/openshift/openshift-restclient-python/archive/master.tar.gz - state: latest - virtualenv: "{{ virtualenv }}" - when: install_python_requirements - diff --git a/tests/ansible.cfg b/tests/ansible.cfg deleted file mode 100644 index 914479ca..00000000 --- a/tests/ansible.cfg +++ /dev/null @@ -1,4 +0,0 @@ -[defaults] -command_warnings = False -system_warnings = False -deprecation_warnings = False diff --git a/tests/integration/targets/kubernetes/README.md b/tests/integration/targets/kubernetes/README.md new file mode 100644 index 00000000..2a09ca17 --- /dev/null +++ b/tests/integration/targets/kubernetes/README.md @@ -0,0 +1,19 @@ +Wait tests +---------- + +wait tests require at least one node, and don't work on the normal k8s +openshift-origin container as provided by ansible-test --docker -v k8s + +minikube, Kubernetes from Docker or any other Kubernetes service will +suffice. + +If kubectl is already using the right config file and context, you can +just do + +``` +cd tests/integration/targets/k8s +./runme.sh -vv +``` + +otherwise set one or both of `K8S_AUTH_KUBECONFIG` and `K8S_AUTH_CONTEXT` +and use the same command diff --git a/tests/integration/targets/kubernetes/aliases b/tests/integration/targets/kubernetes/aliases new file mode 100644 index 00000000..326e6910 --- /dev/null +++ b/tests/integration/targets/kubernetes/aliases @@ -0,0 +1,2 @@ +cloud/openshift +shippable/cloud/group1 diff --git a/tests/integration/targets/kubernetes/defaults/main.yml b/tests/integration/targets/kubernetes/defaults/main.yml new file mode 100644 index 00000000..68fde7c4 --- /dev/null +++ b/tests/integration/targets/kubernetes/defaults/main.yml @@ -0,0 +1,32 @@ +recreate_crd_default_merge_expectation: recreate_crd is not failed + +k8s_pod_metadata: + labels: + app: "{{ k8s_pod_name }}" + +k8s_pod_spec: + containers: + - image: "{{ k8s_pod_image }}" + imagePullPolicy: Always + name: "{{ k8s_pod_name }}" + command: "{{ k8s_pod_command }}" + readinessProbe: + initialDelaySeconds: 15 + exec: + command: + - /bin/true + resources: + limits: + cpu: "100m" + memory: "100Mi" + ports: "{{ k8s_pod_ports }}" + +k8s_pod_command: [] + +k8s_pod_ports: [] + +k8s_pod_template: + metadata: "{{ k8s_pod_metadata }}" + spec: "{{ k8s_pod_spec }}" + +k8s_openshift: yes diff --git a/tests/integration/targets/kubernetes/files/crd-resource.yml b/tests/integration/targets/kubernetes/files/crd-resource.yml new file mode 100644 index 00000000..9804d4d1 --- /dev/null +++ b/tests/integration/targets/kubernetes/files/crd-resource.yml @@ -0,0 +1,20 @@ +apiVersion: certmanager.k8s.io/v1alpha1 +kind: Certificate +metadata: + name: acme-crt +spec: + secretName: acme-crt-secret + dnsNames: + - foo.example.com + - bar.example.com + acme: + config: + - ingressClass: nginx + domains: + - foo.example.com + - bar.example.com + issuerRef: + name: letsencrypt-prod + # We can reference ClusterIssuers by changing the kind here. + # The default value is Issuer (i.e. a locally namespaced Issuer) + kind: Issuer diff --git a/tests/integration/targets/kubernetes/files/kuard-extra-property.yml b/tests/integration/targets/kubernetes/files/kuard-extra-property.yml new file mode 100644 index 00000000..2d5b7994 --- /dev/null +++ b/tests/integration/targets/kubernetes/files/kuard-extra-property.yml @@ -0,0 +1,21 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: kuard + name: kuard + namespace: default +spec: + replicas: 3 + selector: + matchLabels: + app: kuard + unwanted: value + template: + metadata: + labels: + app: kuard + spec: + containers: + - image: gcr.io/kuar-demo/kuard-amd64:1 + name: kuard diff --git a/tests/integration/targets/kubernetes/files/kuard-invalid-type.yml b/tests/integration/targets/kubernetes/files/kuard-invalid-type.yml new file mode 100644 index 00000000..7a5f73d9 --- /dev/null +++ b/tests/integration/targets/kubernetes/files/kuard-invalid-type.yml @@ -0,0 +1,20 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: kuard + name: kuard + namespace: default +spec: + replicas: hello + selector: + matchLabels: + app: kuard + template: + metadata: + labels: + app: kuard + spec: + containers: + - image: gcr.io/kuar-demo/kuard-amd64:1 + name: kuard diff --git a/tests/integration/targets/kubernetes/files/setup-crd.yml b/tests/integration/targets/kubernetes/files/setup-crd.yml new file mode 100644 index 00000000..a8e2d51e --- /dev/null +++ b/tests/integration/targets/kubernetes/files/setup-crd.yml @@ -0,0 +1,14 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: certificates.certmanager.k8s.io +spec: + group: certmanager.k8s.io + version: v1alpha1 + scope: Namespaced + names: + kind: Certificate + plural: certificates + shortNames: + - cert + - certs diff --git a/tests/integration/targets/kubernetes/handlers/main.yml b/tests/integration/targets/kubernetes/handlers/main.yml new file mode 100644 index 00000000..39872d74 --- /dev/null +++ b/tests/integration/targets/kubernetes/handlers/main.yml @@ -0,0 +1,5 @@ +- name: delete temporary directory + file: + path: "{{ remote_tmp_dir }}" + state: absent + no_log: yes diff --git a/tests/integration/targets/kubernetes/library/README.md b/tests/integration/targets/kubernetes/library/README.md new file mode 100644 index 00000000..ac312297 --- /dev/null +++ b/tests/integration/targets/kubernetes/library/README.md @@ -0,0 +1,3 @@ +# README + +The `test_tempfile.py` module added here is only used for the `setup_remote_tmp_dir.yml` temporary directory setup task. It is a clone of the `tempfile.py` community-supported Ansible module, and has to be included with the tests here because it is not available in the `ansible-base` distribution against which this collection is tested. diff --git a/tests/integration/targets/kubernetes/library/test_tempfile.py b/tests/integration/targets/kubernetes/library/test_tempfile.py new file mode 100644 index 00000000..868f37b4 --- /dev/null +++ b/tests/integration/targets/kubernetes/library/test_tempfile.py @@ -0,0 +1,120 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2016, Krzysztof Magosa +# Copyright: (c) 2017, Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' +--- +module: test_tempfile +version_added: "2.3" +short_description: Creates temporary files and directories +description: + - The C(test_tempfile) module creates temporary files and directories. C(mktemp) command takes different parameters on various systems, this module helps + to avoid troubles related to that. Files/directories created by module are accessible only by creator. In case you need to make them world-accessible + you need to use M(file) module. + - For Windows targets, use the M(win_tempfile) module instead. +options: + state: + description: + - Whether to create file or directory. + type: str + choices: [ directory, file ] + default: file + path: + description: + - Location where temporary file or directory should be created. + - If path is not specified, the default system temporary directory will be used. + type: path + prefix: + description: + - Prefix of file/directory name created by module. + type: str + default: ansible. + suffix: + description: + - Suffix of file/directory name created by module. + type: str + default: "" +seealso: +- module: file +- module: win_tempfile +author: + - Krzysztof Magosa (@krzysztof-magosa) +''' + +EXAMPLES = """ +- name: create temporary build directory + test_tempfile: + state: directory + suffix: build + +- name: create temporary file + test_tempfile: + state: file + suffix: temp + register: tempfile_1 + +- name: use the registered var and the file module to remove the temporary file + file: + path: "{{ tempfile_1.path }}" + state: absent + when: tempfile_1.path is defined +""" + +RETURN = ''' +path: + description: Path to created file or directory + returned: success + type: str + sample: "/tmp/ansible.bMlvdk" +''' + +from os import close +from tempfile import mkstemp, mkdtemp +from traceback import format_exc + +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils._text import to_native + + +def main(): + module = AnsibleModule( + argument_spec=dict( + state=dict(type='str', default='file', choices=['file', 'directory']), + path=dict(type='path'), + prefix=dict(type='str', default='ansible.'), + suffix=dict(type='str', default=''), + ), + ) + + try: + if module.params['state'] == 'file': + handle, path = mkstemp( + prefix=module.params['prefix'], + suffix=module.params['suffix'], + dir=module.params['path'], + ) + close(handle) + elif module.params['state'] == 'directory': + path = mkdtemp( + prefix=module.params['prefix'], + suffix=module.params['suffix'], + dir=module.params['path'], + ) + + module.exit_json(changed=True, path=path) + except Exception as e: + module.fail_json(msg=to_native(e), exception=format_exc()) + + +if __name__ == '__main__': + main() diff --git a/tests/integration/targets/kubernetes/meta/main.yml b/tests/integration/targets/kubernetes/meta/main.yml new file mode 100644 index 00000000..32cf5dda --- /dev/null +++ b/tests/integration/targets/kubernetes/meta/main.yml @@ -0,0 +1 @@ +dependencies: [] diff --git a/tests/integration/targets/kubernetes/tasks/append_hash.yml b/tests/integration/targets/kubernetes/tasks/append_hash.yml new file mode 100644 index 00000000..876e876a --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/append_hash.yml @@ -0,0 +1,68 @@ +- block: + - name: Ensure that append_hash namespace exists + k8s: + kind: Namespace + name: append-hash + + - name: create k8s_resource variable + set_fact: + k8s_resource: + metadata: + name: config-map-test + namespace: append-hash + apiVersion: v1 + kind: ConfigMap + data: + hello: world + + - name: Create config map + k8s: + definition: "{{ k8s_resource }}" + append_hash: yes + register: k8s_configmap1 + + - name: check configmap is created with a hash + assert: + that: + - k8s_configmap1 is changed + - k8s_configmap1.result.metadata.name != 'config-map-test' + - k8s_configmap1.result.metadata.name[:-10] == 'config-map-test-' + + - name: recreate same config map + k8s: + definition: "{{ k8s_resource }}" + append_hash: yes + register: k8s_configmap2 + + - name: check configmaps are different + assert: + that: + - k8s_configmap2 is not changed + - k8s_configmap1.result.metadata.name == k8s_configmap2.result.metadata.name + + - name: add key to config map + k8s: + definition: + metadata: + name: config-map-test + namespace: append-hash + apiVersion: v1 + kind: ConfigMap + data: + hello: world + another: value + append_hash: yes + register: k8s_configmap3 + + - name: check configmaps are different + assert: + that: + - k8s_configmap3 is changed + - k8s_configmap1.result.metadata.name != k8s_configmap3.result.metadata.name + + always: + - name: ensure that namespace is removed + k8s: + kind: Namespace + name: append-hash + state: absent diff --git a/tests/integration/targets/kubernetes/tasks/apply.yml b/tests/integration/targets/kubernetes/tasks/apply.yml new file mode 100644 index 00000000..20ecd9c8 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/apply.yml @@ -0,0 +1,192 @@ +- block: + # TODO: Not available in ansible-base + # - python_requirements_info: + # dependencies: + # - openshift + # - kubernetes + + - set_fact: + apply_namespace: apply + + - name: ensure namespace exists + k8s: + definition: + apiVersion: v1 + kind: Namespace + metadata: + name: "{{ apply_namespace }}" + + - name: add a configmap + k8s: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + definition: + kind: ConfigMap + apiVersion: v1 + data: + one: "1" + two: "2" + three: "3" + apply: yes + register: k8s_configmap + + - name: check configmap was created + assert: + that: + - k8s_configmap is changed + - k8s_configmap.result.metadata.annotations|default(False) + + - name: add same configmap again + k8s: + definition: + kind: ConfigMap + apiVersion: v1 + metadata: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + data: + one: "1" + two: "2" + three: "3" + apply: yes + register: k8s_configmap_2 + + - name: check nothing changed + assert: + that: + - k8s_configmap_2 is not changed + + - name: add same configmap again with check mode on + k8s: + definition: + kind: ConfigMap + apiVersion: v1 + metadata: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + data: + one: "1" + two: "2" + three: "3" + apply: yes + check_mode: yes + register: k8s_configmap_check + + - name: check nothing changed + assert: + that: + - k8s_configmap_check is not changed + + - name: add same configmap again but using name and namespace args + k8s: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + definition: + kind: ConfigMap + apiVersion: v1 + data: + one: "1" + two: "2" + three: "3" + apply: yes + register: k8s_configmap_2a + + - name: check nothing changed + assert: + that: + - k8s_configmap_2a is not changed + + - name: update configmap + k8s: + definition: + kind: ConfigMap + apiVersion: v1 + metadata: + name: "apply-configmap" + namespace: "{{ apply_namespace }}" + data: + one: "1" + three: "3" + four: "4" + apply: yes + register: k8s_configmap_3 + + - name: ensure that configmap has been correctly updated + assert: + that: + - k8s_configmap_3 is changed + - "'four' in k8s_configmap_3.result.data" + - "'two' not in k8s_configmap_3.result.data" + + - name: add a service + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: apply-svc + namespace: "{{ apply_namespace }}" + spec: + selector: + app: whatever + ports: + - name: http + port: 8080 + targetPort: 8080 + apply: yes + register: k8s_service + + - name: add exactly same service + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: apply-svc + namespace: "{{ apply_namespace }}" + spec: + selector: + app: whatever + ports: + - name: http + port: 8080 + targetPort: 8080 + apply: yes + register: k8s_service_2 + + - name: check nothing changed + assert: + that: + - k8s_service_2 is not changed + + - name: change service ports + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: apply-svc + namespace: "{{ apply_namespace }}" + spec: + selector: + app: whatever + ports: + - name: http + port: 8081 + targetPort: 8081 + apply: yes + register: k8s_service_3 + + - name: check ports are correct + assert: + that: + - k8s_service_3 is changed + - k8s_service_3.result.spec.ports | length == 1 + - k8s_service_3.result.spec.ports[0].port == 8081 + + always: + - name: remove namespace + k8s: + kind: Namespace + name: "{{ apply_namespace }}" + state: absent diff --git a/tests/integration/targets/kubernetes/tasks/crd.yml b/tests/integration/targets/kubernetes/tasks/crd.yml new file mode 100644 index 00000000..c9e47632 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/crd.yml @@ -0,0 +1,71 @@ +# TODO: This is the only way I could get the kubeconfig, I don't know why. Running the lookup outside of debug seems to return an empty string +#- debug: msg={{ lookup('env', 'K8S_AUTH_KUBECONFIG') }} +# register: kubeconfig + +# Kubernetes resources + +- block: + - name: Create a namespace + k8s: + name: crd + kind: Namespace + + - name: install custom resource definitions + k8s: + definition: "{{ lookup('file', role_path + '/files/setup-crd.yml') }}" + + - name: pause 5 seconds to avoid race condition + pause: + seconds: 5 + + - name: create custom resource definition + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: crd + apply: "{{ create_crd_with_apply | default(omit) }}" + register: create_crd + + - name: patch custom resource definition + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: crd + register: recreate_crd + ignore_errors: yes + + - name: assert that recreating crd is as expected + assert: + that: + - recreate_crd_default_merge_expectation + + - block: + - name: recreate custom resource definition with merge_type + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + merge_type: merge + namespace: crd + register: recreate_crd_with_merge + + - name: recreate custom resource definition with merge_type list + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + merge_type: + - strategic-merge + - merge + namespace: crd + register: recreate_crd_with_merge_list + when: recreate_crd is successful + + + - name: remove crd + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: crd + state: absent + + always: + - name: remove crd namespace + k8s: + kind: Namespace + name: crd + state: absent + ignore_errors: yes diff --git a/tests/integration/targets/kubernetes/tasks/delete.yml b/tests/integration/targets/kubernetes/tasks/delete.yml new file mode 100644 index 00000000..fef6e5e9 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/delete.yml @@ -0,0 +1,101 @@ +- name: ensure that there are actually some nodes + k8s_info: + kind: Node + register: nodes + +- block: + - set_fact: + delete_namespace: delete + + - name: ensure namespace exists + k8s: + definition: + apiVersion: v1 + kind: Namespace + metadata: + name: "{{ delete_namespace }}" + + - name: add a daemonset + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: delete-daemonset + namespace: "{{ delete_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + wait_timeout: 180 + vars: + k8s_pod_name: delete-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:1 + register: ds + + - name: check that daemonset wait worked + assert: + that: + - ds.result.status.currentNumberScheduled == ds.result.status.desiredNumberScheduled + + - name: check if pods exist + k8s_info: + namespace: "{{ delete_namespace }}" + kind: Pod + label_selectors: + - "app={{ k8s_pod_name }}" + vars: + k8s_pod_name: delete-ds + register: pods_create + + - name: assert that there are pods + assert: + that: + - pods_create.resources + + - name: remove the daemonset + k8s: + kind: DaemonSet + name: delete-daemonset + namespace: "{{ delete_namespace }}" + state: absent + wait: yes + + - name: show status of pods + k8s_info: + namespace: "{{ delete_namespace }}" + kind: Pod + label_selectors: + - "app={{ k8s_pod_name }}" + vars: + k8s_pod_name: delete-ds + + - name: wait for background deletion + pause: + seconds: 30 + + - name: check if pods still exist + k8s_info: + namespace: "{{ delete_namespace }}" + kind: Pod + label_selectors: + - "app={{ k8s_pod_name }}" + vars: + k8s_pod_name: delete-ds + register: pods_delete + + - name: assert that deleting the daemonset deleted the pods + assert: + that: + - not pods_delete.resources + + always: + - name: remove namespace + k8s: + kind: Namespace + name: "{{ delete_namespace }}" + state: absent + + when: (nodes.resources | length) > 0 diff --git a/tests/integration/targets/kubernetes/tasks/full_test.yml b/tests/integration/targets/kubernetes/tasks/full_test.yml new file mode 100644 index 00000000..fdf3d700 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/full_test.yml @@ -0,0 +1,375 @@ +# TODO: This is the only way I could get the kubeconfig, I don't know why. Running the lookup outside of debug seems to return an empty string +#- debug: msg={{ lookup('env', 'K8S_AUTH_KUBECONFIG') }} +# register: kubeconfig + +# Kubernetes resources + +- include_tasks: delete.yml +- include_tasks: apply.yml +- include_tasks: waiter.yml + +- block: + - name: Create a namespace + k8s: + name: testing + kind: Namespace + register: output + + - name: show output + debug: + var: output + + - name: Setting validate_certs to true causes a failure + k8s: + name: testing + kind: Namespace + validate_certs: yes + ignore_errors: yes + register: output + + - name: assert that validate_certs caused a failure (and therefore was correctly translated to verify_ssl) + assert: + that: + - output is failed + + - name: k8s_info works with empty resources + k8s_info: + kind: Deployment + namespace: testing + api_version: extensions/v1beta1 + register: k8s_info + + - name: assert that k8s_info is in correct format + assert: + that: + - "'resources' in k8s_info" + - not k8s_info.resources + + - name: Create a service + k8s: + state: present + resource_definition: &svc + apiVersion: v1 + kind: Service + metadata: + name: web + namespace: testing + labels: + app: galaxy + service: web + spec: + selector: + app: galaxy + service: web + ports: + - protocol: TCP + targetPort: 8000 + name: port-8000-tcp + port: 8000 + register: output + + - name: show output + debug: + var: output + + - name: Create the service again + k8s: + state: present + resource_definition: *svc + register: output + + - name: Service creation should be idempotent + assert: + that: not output.changed + + - name: Create a ConfigMap + k8s: + kind: ConfigMap + name: test-force-update + namespace: testing + definition: + data: + key: value + + - name: Force update ConfigMap + k8s: + kind: ConfigMap + name: test-force-update + namespace: testing + definition: + data: + key: newvalue + force: yes + + - name: Create PVC + k8s: + state: present + inline: &pvc + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: elastic-volume + namespace: testing + spec: + resources: + requests: + storage: 5Gi + accessModes: + - ReadWriteOnce + + - name: Show output + debug: + var: output + + - name: Create the PVC again + k8s: + state: present + inline: *pvc + + - name: PVC creation should be idempotent + assert: + that: not output.changed + + - name: Create deployment + k8s: + state: present + inline: &deployment + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: elastic + labels: + app: galaxy + service: elastic + namespace: testing + spec: + template: + metadata: + labels: + app: galaxy + service: elastic + spec: + containers: + - name: elastic + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: elastic-volume + command: ['elasticsearch'] + image: 'ansible/galaxy-elasticsearch:2.4.6' + volumes: + - name: elastic-volume + persistentVolumeClaim: + claimName: elastic-volume + replicas: 1 + strategy: + type: RollingUpdate + register: output + + - name: Show output + debug: + var: output + + - name: Create deployment again + k8s: + state: present + inline: *deployment + register: output + + - name: Deployment creation should be idempotent + assert: + that: not output.changed + + - debug: + var: k8s_openshift + + - include: openshift.yml + when: k8s_openshift | bool + + ### Type tests + - name: Create a namespace from a string + k8s: + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing1 + + - name: Namespace should exist + k8s_info: + kind: Namespace + api_version: v1 + name: testing1 + register: k8s_info_testing1 + failed_when: not k8s_info_testing1.resources or k8s_info_testing1.resources[0].status.phase != "Active" + + - name: Create resources from a multidocument yaml string + k8s: + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing2 + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing3 + + - name: Lookup namespaces + k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing2 + - testing3 + register: k8s_namespaces + + - name: Resources should exist + assert: + that: item.resources[0].status.phase == 'Active' + loop: "{{ k8s_namespaces.results }}" + + - name: Delete resources from a multidocument yaml string + k8s: + state: absent + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing2 + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing3 + + - name: Lookup namespaces + k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing2 + - testing3 + register: k8s_namespaces + + - name: Resources should not exist + assert: + that: + - not item.resources or item.resources[0].status.phase == "Terminating" + loop: "{{ k8s_namespaces.results }}" + + - name: Create resources from a list + k8s: + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: testing4 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing5 + + - name: Lookup namespaces + k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing4 + - testing5 + register: k8s_namespaces + + - name: Resources should exist + assert: + that: item.resources[0].status.phase == 'Active' + loop: "{{ k8s_namespaces.results }}" + + - name: Delete resources from a list + k8s: + state: absent + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: testing4 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing5 + + - k8s_info: + api_version: v1 + kind: Namespace + name: "{{ item }}" + loop: + - testing4 + - testing5 + register: k8s_info + + - name: Resources are terminating if still in results + assert: + that: not item.resources or item.resources[0].status.phase == "Terminating" + loop: "{{ k8s_info.results }}" + + - name: Create resources from a yaml string ending with --- + k8s: + definition: |+ + --- + kind: Namespace + apiVersion: v1 + metadata: + name: testing6 + --- + + - name: Namespace should exist + k8s_info: + kind: Namespace + api_version: v1 + name: testing6 + register: k8s_info_testing6 + failed_when: not k8s_info_testing6.resources or k8s_info_testing6.resources[0].status.phase != "Active" + + - include_tasks: crd.yml + - include_tasks: lists.yml + - include_tasks: append_hash.yml + + always: + - name: Delete all namespaces + k8s: + state: absent + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: testing + - kind: Namespace + apiVersion: v1 + metadata: + name: testing1 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing2 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing3 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing4 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing5 + - kind: Namespace + apiVersion: v1 + metadata: + name: testing6 + ignore_errors: yes diff --git a/tests/integration/targets/kubernetes/tasks/lists.yml b/tests/integration/targets/kubernetes/tasks/lists.yml new file mode 100644 index 00000000..4d464df7 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/lists.yml @@ -0,0 +1,140 @@ +--- + +- name: Ensure testing1 namespace exists + k8s: + api_version: v1 + kind: Namespace + name: testing1 + +- block: + - name: Create configmaps + k8s: + namespace: testing1 + definition: + apiVersion: v1 + kind: ConfigMapList + items: '{{ configmaps }}' + + - name: Get ConfigMaps + k8s_info: + api_version: v1 + kind: ConfigMap + namespace: testing1 + label_selectors: + - app=test + register: cms + + - name: All three configmaps should exist + assert: + that: item.data.a is defined + with_items: '{{ cms.resources }}' + + - name: Delete configmaps + k8s: + state: absent + namespace: testing1 + definition: + apiVersion: v1 + kind: ConfigMapList + items: '{{ configmaps }}' + + - name: Get ConfigMaps + k8s_info: + api_version: v1 + kind: ConfigMap + namespace: testing1 + label_selectors: + - app=test + register: cms + + - name: All three configmaps should not exist + assert: + that: not cms.resources + vars: + configmaps: + - metadata: + name: list-example-1 + labels: + app: test + data: + a: first + - metadata: + name: list-example-2 + labels: + app: test + data: + a: second + - metadata: + name: list-example-3 + labels: + app: test + data: + a: third + +- block: + - name: Create list of arbitrary resources + k8s: + namespace: testing1 + definition: + apiVersion: v1 + kind: List + namespace: testing1 + items: '{{ resources }}' + + - name: Get the created resources + k8s_info: + api_version: '{{ item.apiVersion }}' + kind: '{{ item.kind }}' + namespace: testing1 + name: '{{ item.metadata.name }}' + register: list_resources + with_items: '{{ resources }}' + + - name: All resources should exist + assert: + that: ((list_resources.results | sum(attribute="resources", start=[])) | length) == (resources | length) + + - name: Delete list of arbitrary resources + k8s: + state: absent + namespace: testing1 + definition: + apiVersion: v1 + kind: List + namespace: testing1 + items: '{{ resources }}' + + - name: Get the resources + k8s_info: + api_version: '{{ item.apiVersion }}' + kind: '{{ item.kind }}' + namespace: testing1 + name: '{{ item.metadata.name }}' + register: list_resources + with_items: '{{ resources }}' + + - name: The resources should not exist + assert: + that: not ((list_resources.results | sum(attribute="resources", start=[])) | length) + vars: + resources: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: list-example-4 + data: + key: value + - apiVersion: v1 + kind: Service + metadata: + name: list-example-svc + labels: + app: test + spec: + selector: + app: test + ports: + - protocol: TCP + targetPort: 8000 + name: port-8000-tcp + port: 8000 diff --git a/tests/integration/targets/kubernetes/tasks/main.yml b/tests/integration/targets/kubernetes/tasks/main.yml new file mode 100644 index 00000000..706cb4dd --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/main.yml @@ -0,0 +1,94 @@ +- include_tasks: setup_remote_tmp_dir.yml + +- set_fact: + virtualenv: "{{ remote_tmp_dir }}/virtualenv" + virtualenv_command: "{{ ansible_python_interpreter }} -m virtualenv" + +- set_fact: + virtualenv_interpreter: "{{ virtualenv }}/bin/python" + +- pip: + name: virtualenv + +# Test graceful failure for missing kubernetes-validate + +- pip: + name: + - openshift>=0.9.2 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: validate_not_installed.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes + +# Test validate with kubernetes-validate + +- pip: + name: + - kubernetes-validate==1.12.0 + - openshift>=0.9.2 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: validate_installed.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + playbook_namespace: ansible-test-k8s-validate + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes + +# Test graceful failure for older versions of openshift + +- pip: + name: + - openshift==0.6.0 + - kubernetes==6.0.0 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: older_openshift_fail.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + recreate_crd_default_merge_expectation: recreate_crd is failed + playbook_namespace: ansible-test-k8s-older-openshift + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes + +# Run full test suite + +- pip: + name: + - openshift>=0.9.2 + - coverage + virtualenv: "{{ virtualenv }}" + virtualenv_command: "{{ virtualenv_command }}" + virtualenv_site_packages: no + +- include_tasks: full_test.yml + vars: + ansible_python_interpreter: "{{ virtualenv_interpreter }}" + create_crd_with_apply: no + playbook_namespace: ansible-test-k8s-full + +- file: + path: "{{ virtualenv }}" + state: absent + no_log: yes diff --git a/tests/integration/targets/kubernetes/tasks/older_openshift_fail.yml b/tests/integration/targets/kubernetes/tasks/older_openshift_fail.yml new file mode 100644 index 00000000..8ba8a12c --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/older_openshift_fail.yml @@ -0,0 +1,70 @@ + # TODO: Not available in ansible-base + # - python_requirements_info: + # dependencies: + # - openshift==0.6.0 + # - kubernetes==6.0.0 + + # append_hash + - name: use append_hash with ConfigMap + k8s: + definition: + metadata: + name: config-map-test + namespace: "{{ playbook_namespace }}" + apiVersion: v1 + kind: ConfigMap + data: + hello: world + append_hash: yes + ignore_errors: yes + register: k8s_append_hash + + - name: assert that append_hash fails gracefully + assert: + that: + - k8s_append_hash is failed + - "'Failed to import the required Python library (openshift >= 0.7.2)' in k8s_append_hash.msg" + - "'. This is required for append_hash.' in k8s_append_hash.msg" + + # validate + - name: attempt to use validate with older openshift + k8s: + definition: + metadata: + name: config-map-test + namespace: "{{ playbook_namespace }}" + apiVersion: v1 + kind: ConfigMap + data: + hello: world + validate: + fail_on_error: yes + ignore_errors: yes + register: k8s_validate + + - name: assert that validate fails gracefully + assert: + that: + - k8s_validate is failed + - "k8s_validate.msg == 'openshift >= 0.8.0 is required for validate'" + + # apply + - name: attempt to use apply with older openshift + k8s: + definition: + metadata: + name: config-map-test + namespace: "{{ playbook_namespace }}" + apiVersion: v1 + kind: ConfigMap + data: + hello: world + apply: yes + ignore_errors: yes + register: k8s_apply + + - name: assert that apply fails gracefully + assert: + that: + - k8s_apply is failed + - "k8s_apply.msg.startswith('Failed to import the required Python library (openshift >= 0.9.2)')" diff --git a/tests/integration/targets/kubernetes/tasks/openshift.yml b/tests/integration/targets/kubernetes/tasks/openshift.yml new file mode 100644 index 00000000..f4a90061 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/openshift.yml @@ -0,0 +1,61 @@ +# OpenShift Resources +- name: Create a project + k8s: + name: testing + kind: Project + api_version: v1 + apply: no + register: output + +- name: show output + debug: + var: output + +- name: Create deployment config + k8s: + state: present + inline: &dc + apiVersion: v1 + kind: DeploymentConfig + metadata: + name: elastic + labels: + app: galaxy + service: elastic + namespace: testing + spec: + template: + metadata: + labels: + app: galaxy + service: elastic + spec: + containers: + - name: elastic + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: elastic-volume + command: ['elasticsearch'] + image: 'ansible/galaxy-elasticsearch:2.4.6' + volumes: + - name: elastic-volume + persistentVolumeClaim: + claimName: elastic-volume + replicas: 1 + strategy: + type: Rolling + register: output + +- name: Show output + debug: + var: output + +- name: Create deployment config again + k8s: + state: present + inline: *dc + register: output + +- name: DC creation should be idempotent + assert: + that: not output.changed diff --git a/tests/integration/targets/kubernetes/tasks/setup_remote_tmp_dir.yml b/tests/integration/targets/kubernetes/tasks/setup_remote_tmp_dir.yml new file mode 100644 index 00000000..e04f5053 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/setup_remote_tmp_dir.yml @@ -0,0 +1,11 @@ +- name: create temporary directory + test_tempfile: + state: directory + suffix: .test + register: remote_tmp_dir + notify: + - delete temporary directory + +- name: record temporary directory + set_fact: + remote_tmp_dir: "{{ remote_tmp_dir.path }}" diff --git a/tests/integration/targets/kubernetes/tasks/validate_installed.yml b/tests/integration/targets/kubernetes/tasks/validate_installed.yml new file mode 100644 index 00000000..224bd2eb --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/validate_installed.yml @@ -0,0 +1,125 @@ +- block: + - name: Create a namespace + k8s: + name: "{{ playbook_namespace }}" + kind: Namespace + + - copy: + src: files + dest: "{{ remote_tmp_dir }}" + + - name: incredibly simple ConfigMap + k8s: + definition: + apiVersion: v1 + kind: ConfigMap + metadata: + name: hello + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + register: k8s_with_validate + + - name: assert that k8s_with_validate succeeds + assert: + that: + - k8s_with_validate is successful + + - name: extra property does not fail without strict + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-extra-property.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: no + + - name: extra property fails with strict + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-extra-property.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: yes + ignore_errors: yes + register: extra_property + + - name: check that extra property fails with strict + assert: + that: + - extra_property is failed + + - name: invalid type fails at validation stage + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-invalid-type.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: no + ignore_errors: yes + register: invalid_type + + - name: check that invalid type fails + assert: + that: + - invalid_type is failed + + - name: invalid type fails with warnings when fail_on_error is False + k8s: + src: "{{ remote_tmp_dir }}/files/kuard-invalid-type.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: no + strict: no + ignore_errors: yes + register: invalid_type_no_fail + + - name: check that invalid type fails + assert: + that: + - invalid_type_no_fail is failed + + - name: setup custom resource definition + k8s: + src: "{{ remote_tmp_dir }}/files/setup-crd.yml" + + - name: wait a few seconds + pause: + seconds: 5 + + - name: add custom resource definition + k8s: + src: "{{ remote_tmp_dir }}/files/crd-resource.yml" + namespace: "{{ playbook_namespace }}" + validate: + fail_on_error: yes + strict: yes + register: unknown_kind + + - name: check that unknown kind warns + assert: + that: + - unknown_kind is successful + - "'warnings' in unknown_kind" + + always: + - name: remove custom resource + k8s: + definition: "{{ lookup('file', role_path + '/files/crd-resource.yml') }}" + namespace: "{{ playbook_namespace }}" + state: absent + ignore_errors: yes + + - name: remove custom resource definitions + k8s: + definition: "{{ lookup('file', role_path + '/files/setup-crd.yml') }}" + state: absent + + - name: Delete namespace + k8s: + state: absent + definition: + - kind: Namespace + apiVersion: v1 + metadata: + name: "{{ playbook_namespace }}" + ignore_errors: yes diff --git a/tests/integration/targets/kubernetes/tasks/validate_not_installed.yml b/tests/integration/targets/kubernetes/tasks/validate_not_installed.yml new file mode 100644 index 00000000..58401d4a --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/validate_not_installed.yml @@ -0,0 +1,24 @@ + # TODO: Not available in ansible-base + # - python_requirements_info: + # dependencies: + # - openshift + # - kubernetes + # - kubernetes-validate + + - k8s: + definition: + apiVersion: v1 + kind: ConfigMap + metadata: + name: hello + namespace: default + validate: + fail_on_error: yes + ignore_errors: yes + register: k8s_no_validate + + - name: assert that k8s_no_validate fails gracefully + assert: + that: + - k8s_no_validate is failed + - "k8s_no_validate.msg == 'kubernetes-validate python library is required to validate resources'" diff --git a/tests/integration/targets/kubernetes/tasks/waiter.yml b/tests/integration/targets/kubernetes/tasks/waiter.yml new file mode 100644 index 00000000..757d7899 --- /dev/null +++ b/tests/integration/targets/kubernetes/tasks/waiter.yml @@ -0,0 +1,355 @@ +- name: ensure that there are actually some nodes + k8s_info: + kind: Node + register: nodes + +- block: + - set_fact: + wait_namespace: wait + + - name: ensure namespace exists + k8s: + definition: + apiVersion: v1 + kind: Namespace + metadata: + name: "{{ wait_namespace }}" + + - name: add a simple pod + k8s: + definition: + apiVersion: v1 + kind: Pod + metadata: + name: "{{ k8s_pod_name }}" + namespace: "{{ wait_namespace }}" + spec: "{{ k8s_pod_spec }}" + wait: yes + vars: + k8s_pod_name: wait-pod + k8s_pod_image: alpine:3.8 + k8s_pod_command: + - sleep + - "10000" + register: wait_pod + ignore_errors: yes + + - name: assert that pod creation succeeded + assert: + that: + - wait_pod is successful + + - name: add a daemonset + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: wait-daemonset + namespace: "{{ wait_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + wait_sleep: 3 + wait_timeout: 180 + vars: + k8s_pod_name: wait-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:1 + register: ds + + - name: check that daemonset wait worked + assert: + that: + - ds.result.status.currentNumberScheduled == ds.result.status.desiredNumberScheduled + + - name: update a daemonset in check_mode + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: wait-daemonset + namespace: "{{ wait_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + updateStrategy: + type: RollingUpdate + template: "{{ k8s_pod_template }}" + wait: yes + wait_sleep: 3 + wait_timeout: 180 + vars: + k8s_pod_name: wait-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:2 + register: update_ds_check_mode + + - name: check that check_mode returned changed + assert: + that: + - update_ds_check_mode is changed + + - name: update a daemonset + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: wait-daemonset + namespace: "{{ wait_namespace }}" + spec: + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + updateStrategy: + type: RollingUpdate + template: "{{ k8s_pod_template }}" + wait: yes + wait_sleep: 3 + wait_timeout: 180 + vars: + k8s_pod_name: wait-ds + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:3 + register: ds + + - name: get updated pods + k8s_info: + api_version: v1 + kind: Pod + namespace: "{{ wait_namespace }}" + label_selectors: + - app=wait-ds + register: updated_ds_pods + + - name: check that daemonset wait worked + assert: + that: + - ds.result.status.currentNumberScheduled == ds.result.status.desiredNumberScheduled + - updated_ds_pods.resources[0].spec.containers[0].image.endswith(":3") + + - name: add a crashing pod + k8s: + definition: + apiVersion: v1 + kind: Pod + metadata: + name: "{{ k8s_pod_name }}" + namespace: "{{ wait_namespace }}" + spec: "{{ k8s_pod_spec }}" + wait: yes + wait_sleep: 1 + wait_timeout: 30 + vars: + k8s_pod_name: wait-crash-pod + k8s_pod_image: alpine:3.8 + k8s_pod_command: + - /bin/false + register: crash_pod + ignore_errors: yes + + - name: check that task failed + assert: + that: + - crash_pod is failed + + - name: use a non-existent image + k8s: + definition: + apiVersion: v1 + kind: Pod + metadata: + name: "{{ k8s_pod_name }}" + namespace: "{{ wait_namespace }}" + spec: "{{ k8s_pod_spec }}" + wait: yes + wait_sleep: 1 + wait_timeout: 30 + vars: + k8s_pod_name: wait-no-image-pod + k8s_pod_image: i_made_this_up:and_this_too + register: no_image_pod + ignore_errors: yes + + - name: check that task failed + assert: + that: + - no_image_pod is failed + + - name: add a deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-deploy + namespace: "{{ wait_namespace }}" + spec: + replicas: 3 + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + vars: + k8s_pod_name: wait-deploy + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:1 + k8s_pod_ports: + - containerPort: 8080 + name: http + protocol: TCP + + register: deploy + + - name: check that deployment wait worked + assert: + that: + - deploy.result.status.availableReplicas == deploy.result.status.replicas + + - name: update a deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-deploy + namespace: "{{ wait_namespace }}" + spec: + replicas: 3 + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + vars: + k8s_pod_name: wait-deploy + k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:2 + k8s_pod_ports: + - containerPort: 8080 + name: http + protocol: TCP + register: update_deploy + + - name: get updated pods + k8s_info: + api_version: v1 + kind: Pod + namespace: "{{ wait_namespace }}" + label_selectors: + - app=wait-deploy + register: updated_deploy_pods + + - name: check that deployment wait worked + assert: + that: + - deploy.result.status.availableReplicas == deploy.result.status.replicas + - updated_deploy_pods.resources[0].spec.containers[0].image.endswith(":2") + + - name: pause a deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-deploy + namespace: "{{ wait_namespace }}" + spec: + paused: True + apply: no + wait: yes + wait_condition: + type: Progressing + status: Unknown + reason: DeploymentPaused + register: pause_deploy + + - name: check that paused deployment wait worked + assert: + that: + - condition.reason == "DeploymentPaused" + - condition.status == "Unknown" + vars: + condition: '{{ pause_deploy.result.status.conditions | json_query("[?type==`Progressing`]") | first }}' + + - name: add a service based on the deployment + k8s: + definition: + apiVersion: v1 + kind: Service + metadata: + name: wait-svc + namespace: "{{ wait_namespace }}" + spec: + selector: + app: "{{ k8s_pod_name }}" + ports: + - port: 8080 + targetPort: 8080 + protocol: TCP + wait: yes + vars: + k8s_pod_name: wait-deploy + register: service + + - name: assert that waiting for service works + assert: + that: + - service is successful + + - name: add a crashing deployment + k8s: + definition: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: wait-crash-deploy + namespace: "{{ wait_namespace }}" + spec: + replicas: 3 + selector: + matchLabels: + app: "{{ k8s_pod_name }}" + template: "{{ k8s_pod_template }}" + wait: yes + vars: + k8s_pod_name: wait-crash-deploy + k8s_pod_image: alpine:3.8 + k8s_pod_command: + - /bin/false + register: wait_crash_deploy + ignore_errors: yes + + - name: check that task failed + assert: + that: + - wait_crash_deploy is failed + + - name: remove Pod with very short timeout + k8s: + api_version: v1 + kind: Pod + name: wait-pod + namespace: "{{ wait_namespace }}" + state: absent + wait: yes + wait_sleep: 2 + wait_timeout: 5 + ignore_errors: yes + register: short_wait_remove_pod + + - name: check that task failed + assert: + that: + - short_wait_remove_pod is failed + + always: + - name: remove namespace + k8s: + kind: Namespace + name: "{{ wait_namespace }}" + state: absent + + when: (nodes.resources | length) > 0 diff --git a/tests/inventory b/tests/inventory deleted file mode 100644 index 2302edae..00000000 --- a/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost ansible_connection=local diff --git a/tests/roles/hello-templates/files/deployment.yml b/tests/roles/hello-templates/files/deployment.yml deleted file mode 100644 index 80ab1075..00000000 --- a/tests/roles/hello-templates/files/deployment.yml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: v1 -kind: DeploymentConfig -metadata: - name: hello-depoy - namespace: hello - labels: - app: hello -spec: - strategy: - type: Rolling - rollingParams: - updatePeriodSeconds: 1 - intervalSeconds: 1 - timeoutSeconds: 600 - maxUnavailable: 25% - maxSurge: 25% - resources: {} - triggers: - - type: ConfigChange - replicas: 1 - test: false - selector: - app: hello - template: - metadata: - name: hello-pod - labels: - app: hello - spec: - containers: - - name: hello - image: openshift/busybox-http-app - ports: - - name: web-8100-tcp - containerPort: 8080 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - imagePullPolicy: Always - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} diff --git a/tests/roles/hello-templates/tasks/main.yml b/tests/roles/hello-templates/tasks/main.yml deleted file mode 100644 index 0e8490e7..00000000 --- a/tests/roles/hello-templates/tasks/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -- name: Create project - openshift_v1_project: - name: test-resource-defn - display_name: Resource Defn - description: Load resources - debug: no - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_project - -- debug: var=create_project - -# Create service from unaltered YAML copied from console -- name: Create service from resource definition - k8s_v1_service: - state: present - debug: yes - resource_definition: - apiVersion: v1 - kind: Service - metadata: - name: hello-service - namespace: test-resource-defn - selfLink: /api/v1/namespaces/hello/services/hello-service - uid: fd228ddb-0f38-11e7-840c-a2a3304da08d - resourceVersion: '42303' - creationTimestamp: '2017-03-22T19:51:49Z' - labels: - app: hello - spec: - ports: - - name: web-tcp - protocol: TCP - port: 8080 - targetPort: 8080 - selector: - app: hello - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_service - -- debug: var=create_service - -- name: Create deployment from resource file - openshift_v1_deployment_config: - state: present - debug: yes - src: "{{ role_path }}/files/deployment.yml" - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: deployment_create - -- debug: var=deployment_create diff --git a/tests/roles/hello-world/tasks/main.yml b/tests/roles/hello-world/tasks/main.yml deleted file mode 100644 index 1409e033..00000000 --- a/tests/roles/hello-world/tasks/main.yml +++ /dev/null @@ -1,96 +0,0 @@ -- name: Delete project - openshift_v1_project: - name: hello - state: absent - debug: yes - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: delete_project - -- debug: var=delete_project - -- name: Create project - openshift_v1_project: - name: hello - state: present - display_name: Hello World - description: Hello. - debug: yes - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_project - -- debug: var=create_project - -- name: Create service - k8s_v1_service: - name: hello-service - namespace: hello - state: present - ports: - - port: 8080 - target_port: 8080 - name: web-tcp - selector: - app: hello - labels: - app: hello - debug: yes - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_service - -- debug: var=create_service - -- name: Create deployment config - openshift_v1_deployment_config: - name: hello-deploy - namespace: hello - state: present - debug: yes - labels: - app: hello - spec_template_metadata_name: hello-pod - spec_template_metadata_labels: - app: hello - containers: - - name: hello - image: openshift/busybox-http-app - ports: - - container_port: 8080 - protocol: TCP - name: web-8080-tcp - - container_port: 8100 - protocol: TCP - name: web-8100-tcp - replicas: 1 - selector: - app: hello - strategy_type: Rolling - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_deployment - -- debug: var=create_deployment - -- name: Create route - openshift_v1_route: - name: hello-route - namespace: hello - state: present - to_kind: Service - to_name: hello-service - to_weight: 100 - port_target_port: web-tcp - tls_termination: edge - kubeconfig: '{{ os_kubeconfig }}' - host: '{{ os_host }}' - verify_ssl: '{{ os_verify_ssl }}' - register: create_route - -- debug: var=create_route - diff --git a/tests/sanity/ignore-2.10.txt b/tests/sanity/ignore-2.10.txt new file mode 100644 index 00000000..0fa8c1c3 --- /dev/null +++ b/tests/sanity/ignore-2.10.txt @@ -0,0 +1,5 @@ +plugins/modules/k8s.py validate-modules:parameter-type-not-in-doc +plugins/modules/k8s.py validate-modules:return-syntax-error +plugins/modules/k8s_scale.py validate-modules:parameter-type-not-in-doc +plugins/modules/k8s_scale.py validate-modules:return-syntax-error +plugins/modules/k8s_service.py validate-modules:return-syntax-error diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt new file mode 100644 index 00000000..bbd327f7 --- /dev/null +++ b/tests/sanity/ignore-2.9.txt @@ -0,0 +1,2 @@ +plugins/modules/k8s.py validate-modules:parameter-type-not-in-doc +plugins/modules/k8s_scale.py validate-modules:parameter-type-not-in-doc diff --git a/tests/test.yml b/tests/test.yml deleted file mode 100644 index 46fcaf8d..00000000 --- a/tests/test.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Load the modules - hosts: all - gather_facts: no - vars: - os_kubeconfig: konfig.json - os_host: localhost:8443 - os_verify_ssl: False - roles: - - role: ansible-kubernetes-modules - - role: hello-world - - role: hello-templates