internet/kubernetes.core
3
0
Fork 0
mirror of https://github.com/ansible-collections/kubernetes.core.git synced 2026-05-08 05:52:37 +00:00
Code Issues Projects Releases Wiki Activity

handle aliases for lookup and inventory plugins for authentication options (#500)

Browse Source 
Honor aliases for lookup and inventory plugins

rebase and extend the following PR #71
ISSUE TYPE


Bugfix Pull Request

Reviewed-by: Mike Graves <mgraves@redhat.com>
This commit is contained in:
Bikouo Aubin
2022-08-23 09:58:08 +02:00
committed by GitHub
parent c4c12ca2c3
commit 5ff3566f30
15 changed files with 477 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/integration/targets/setup_kubeconfig/aliases Normal file
View File

@@ -0,0 +1 @@
disabled

6
tests/integration/targets/setup_kubeconfig/defaults/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
# When set to 'revert', the role will copy saved kubeconfig to the default location
# When set to 'save', the role will copy default kubeconfig to the custom location
kubeconfig_operation: "revert"
kubeconfig_default_path: "~/.kube/config"
kubeconfig_custom_path: "~/.kube/customconfig"

140
tests/integration/targets/setup_kubeconfig/library/test_inventory_read_credentials.py Normal file
View File

@@ -0,0 +1,140 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright: (c) 2022, Aubin Bikouo <@abikouo>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = r"""
module: test_inventory_read_credentials
short_description: Generate cert_file, key_file, host and server certificate
author:
- Aubin Bikouo (@abikouo)
description:
- This module is used for integration testing only for this collection
- The module load a kube_config file and generate parameters used to authenticate the client.
options:
kube_config:
description:
- Path to a valid kube config file to test.
type: path
required: yes
dest_dir:
description:
- Path to a directory where file will be generated.
type: path
required: yes
"""
EXAMPLES = r"""
- name: Generate authentication parameters for current context
test_inventory_read_credentials:
kube_config: ~/.kube/config
dest_dir: /tmp
"""
RETURN = """
auth:
description:
- User information used to authenticate to the cluster.
returned: always
type: complex
contains:
cert_file:
description:
- Path to the generated user certificate file.
type: str
key_file:
description:
- Path to the generated user key file.
type: str
ssl_ca_cert:
description:
- Path to the generated server certificate file.
type: str
host:
description:
- Path to the file containing cluster host.
type: str
"""
import os
import shutil
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
try:
from kubernetes import client, config
from kubernetes.dynamic import DynamicClient, LazyDiscoverer
HAS_KUBERNETES_MODULE = True
except ImportError:
HAS_KUBERNETES_MODULE = False
class K8SInventoryTestModule(AnsibleModule):
def __init__(self):
argument_spec = dict(
kube_config=dict(required=True, type="path"),
dest_dir=dict(required=True, type="path"),
)
super(K8SInventoryTestModule, self).__init__(argument_spec=argument_spec)
if not HAS_KUBERNETES_MODULE:
self.fail_json(msg=missing_required_lib("kubernetes"))
self.execute_module()
def execute_module(self):
dest_dir = os.path.abspath(self.params.get("dest_dir"))
kubeconfig_path = self.params.get("kube_config")
if not os.path.isdir(dest_dir):
self.fail_json(
msg="The following {0} does not exist or is not a directory.".format(
dest_dir
)
)
if not os.path.isfile(kubeconfig_path):
self.fail_json(
msg="The following {0} does not exist or is not a valid file.".format(
kubeconfig_path
)
)
client_config = type.__call__(client.Configuration)
config.load_kube_config(
config_file=kubeconfig_path, client_configuration=client_config
)
DynamicClient(client.ApiClient(client_config), discoverer=LazyDiscoverer)
result = dict(host=os.path.join(dest_dir, "host_data.txt"))
# create file containing host information
with open(result["host"], "w") as fd:
fd.write(client_config.host)
for key in ("cert_file", "key_file", "ssl_ca_cert"):
dest_file = os.path.join(dest_dir, "{0}_data.txt".format(key))
shutil.copyfile(getattr(client_config, key), dest_file)
result[key] = dest_file
self.exit_json(auth=result)
def main():
K8SInventoryTestModule()
if __name__ == "__main__":
main()

46
tests/integration/targets/setup_kubeconfig/tasks/main.yml Normal file
View File

@@ -0,0 +1,46 @@
---
- fail:
msg: "kubeconfig_operation must be one of 'revert' or 'save'"
when: kubeconfig_operation not in ["revert", "save"]
- set_fact:
src_kubeconfig: "{{ (kubeconfig_operation == 'save') | ternary(kubeconfig_default_path, kubeconfig_custom_path) }}"
dest_kubeconfig: "{{ (kubeconfig_operation == 'save') | ternary(kubeconfig_custom_path, kubeconfig_default_path) }}"
- name: check if source kubeconfig exists
stat:
path: "{{ src_kubeconfig }}"
register: _src
- name: check if destination kubeconfig exists
stat:
path: "{{ dest_kubeconfig }}"
register: _dest
- fail:
msg: "Both {{ src_kubeconfig }} and {{ dest_kubeconfig }} do not exist."
when:
- not _src.stat.exists
- not _dest.stat.exists
- name: Generate user cert_file, key_file, and hostname
block:
- name: Generate user credentials files
test_inventory_read_credentials:
kube_config: "{{ (_src.stat.exists) | ternary(src_kubeconfig, dest_kubeconfig) }}"
dest_dir: "{{ user_credentials_dir }}"
when: user_credentials_dir is defined
- block:
- name: "Copy {{ src_kubeconfig }} into {{ dest_kubeconfig }}"
copy:
remote_src: true
src: "{{ src_kubeconfig }}"
dest: "{{ dest_kubeconfig }}"
- name: "Delete {{ src_kubeconfig }}"
file:
state: absent
path: "{{ src_kubeconfig }}"
when: _src.stat.exists