internet/kubernetes.core
3
0
Fork 0
mirror of https://github.com/ansible-collections/kubernetes.core.git synced 2026-05-08 22:12:44 +00:00
Code Issues Projects Releases Wiki Activity

Add configmap/secret hash functionality (#48)

Browse Source 
* * * Add configmap/secret hash functionality

Signed-off-by: Alina Buzachis <abuzachis@redhat.com>

* * Add changelog fragment

Signed-off-by: Alina Buzachis <abuzachis@redhat.com>
This commit is contained in:
Alina Buzachis
2021-04-20 14:27:25 +02:00
committed by GitHub
parent cc10268adf
commit edc48ee577
5 changed files with 248 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
changelogs/fragments/48_hash-configmap-secret.yml Normal file
View File

@@ -0,0 +1,3 @@
---
minor_changes:
- Add configmap and secret hash functionality (https://github.com/ansible-collections/kubernetes.core/pull/48).

2
plugins/module_utils/common.py
View File

@@ -27,6 +27,7 @@ from datetime import datetime
from distutils.version import LooseVersion from distutils.version import LooseVersion
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (AUTH_ARG_MAP, AUTH_ARG_SPEC) from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (AUTH_ARG_MAP, AUTH_ARG_SPEC)
from ansible_collections.kubernetes.core.plugins.module_utils.hashes import generate_hash
from ansible.module_utils.basic import AnsibleModule, missing_required_lib from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.six import iteritems, string_types from ansible.module_utils.six import iteritems, string_types
@@ -60,7 +61,6 @@ except ImportError:
K8S_CONFIG_HASH_IMP_ERR = None K8S_CONFIG_HASH_IMP_ERR = None
try: try:
from openshift.helper.hashes import generate_hash
from openshift.dynamic.exceptions import KubernetesValidateMissing from openshift.dynamic.exceptions import KubernetesValidateMissing
HAS_K8S_CONFIG_HASH = True HAS_K8S_CONFIG_HASH = True
except ImportError: except ImportError:

67
plugins/module_utils/hashes.py Normal file
View File

@@ -0,0 +1,67 @@
# Copyright [2017] [Red Hat, Inc.]
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Implement ConfigMapHash and SecretHash equivalents
# Based on https://github.com/kubernetes/kubernetes/pull/49961
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import json
import hashlib
try:
import string
maketrans = string.maketrans
except AttributeError:
maketrans = str.maketrans
try:
from collections import OrderedDict
except ImportError:
from orderreddict import OrderedDict
def sorted_dict(unsorted_dict):
result = OrderedDict()
for (k, v) in sorted(unsorted_dict.items()):
if isinstance(v, dict):
v = sorted_dict(v)
result[k] = v
return result
def generate_hash(resource):
# Get name from metadata
resource['name'] = resource.get('metadata', {}).get('name', '')
if resource['kind'] == 'ConfigMap':
marshalled = marshal(sorted_dict(resource), ['data', 'kind', 'name'])
del(resource['name'])
return encode(marshalled)
if resource['kind'] == 'Secret':
marshalled = marshal(sorted_dict(resource), ['data', 'kind', 'name', 'type'])
del(resource['name'])
return encode(marshalled)
raise NotImplementedError
def marshal(data, keys):
ordered = OrderedDict()
for key in keys:
ordered[key] = data.get(key, "")
return json.dumps(ordered, separators=(',', ':')).encode('utf-8')
def encode(resource):
return hashlib.sha256(resource).hexdigest()[:10].translate(maketrans("013ae", "ghkmt"))

85
tests/unit/module_utils/test_hashes.py Normal file
View File

@@ -0,0 +1,85 @@
# Copyright [2017] [Red Hat, Inc.]
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Test ConfigMapHash and SecretHash equivalents
# tests based on https://github.com/kubernetes/kubernetes/pull/49961
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
from ansible_collections.kubernetes.core.plugins.module_utils.hashes import generate_hash
tests = [
dict(
resource=dict(
kind="ConfigMap",
metadata=dict(name="foo"),
data=dict()
),
expected="867km9574f",
),
dict(
resource=dict(
kind="ConfigMap",
metadata=dict(name="foo"),
type="my-type",
data=dict()
),
expected="867km9574f",
),
dict(
resource=dict(
kind="ConfigMap",
metadata=dict(name="foo"),
data=dict(
key1="value1",
key2="value2")
),
expected="gcb75dd9gb",
),
dict(
resource=dict(
kind="Secret",
metadata=dict(name="foo"),
data=dict()
),
expected="949tdgdkgg",
),
dict(
resource=dict(
kind="Secret",
metadata=dict(name="foo"),
type="my-type",
data=dict()
),
expected="dg474f9t76",
),
dict(
resource=dict(
kind="Secret",
metadata=dict(name="foo"),
data=dict(
key1="dmFsdWUx",
key2="dmFsdWUy")
),
expected="tf72c228m4",
)
]
def test_hashes():
for test in tests:
assert(generate_hash(test['resource']) == test['expected'])

92
tests/unit/module_utils/test_marshal.py Normal file
View File

@@ -0,0 +1,92 @@
# Copyright [2017] [Red Hat, Inc.]
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Test ConfigMap and Secret marshalling
# tests based on https://github.com/kubernetes/kubernetes/pull/49961
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
from ansible_collections.kubernetes.core.plugins.module_utils.hashes import marshal, sorted_dict
tests = [
dict(
resource=dict(
kind="ConfigMap",
name="",
data=dict(),
),
expected=b'{"data":{},"kind":"ConfigMap","name":""}'
),
dict(
resource=dict(
kind="ConfigMap",
name="",
data=dict(
one=""
),
),
expected=b'{"data":{"one":""},"kind":"ConfigMap","name":""}'
),
dict(
resource=dict(
kind="ConfigMap",
name="",
data=dict(
two="2",
one="",
three="3",
),
),
expected=b'{"data":{"one":"","three":"3","two":"2"},"kind":"ConfigMap","name":""}'
),
dict(
resource=dict(
kind="Secret",
type="my-type",
name="",
data=dict(),
),
expected=b'{"data":{},"kind":"Secret","name":"","type":"my-type"}'
),
dict(
resource=dict(
kind="Secret",
type="my-type",
name="",
data=dict(
one=""
),
),
expected=b'{"data":{"one":""},"kind":"Secret","name":"","type":"my-type"}'
),
dict(
resource=dict(
kind="Secret",
type="my-type",
name="",
data=dict(
two="Mg==",
one="",
three="Mw==",
),
),
expected=b'{"data":{"one":"","three":"Mw==","two":"Mg=="},"kind":"Secret","name":"","type":"my-type"}'
),
]
def test_marshal():
for test in tests:
assert(marshal(sorted_dict(test['resource']), sorted(list(test['resource'].keys()))) == test['expected'])