add support for user impersonation for k8s modules
SUMMARY
k8s module should not allow user to perform operation using impersonation as describe here
https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation
This pull request closes#40
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Don't wait on *List resources for info module
SUMMARY
We can't use the same wait logic on *List resources because they lack
the same metadata that other resources have. We should ensure that we
are waiting on the items in the list, but not the list itself. Waiting
on the list itself results in unexpected behavior.
This fixes the waiting logic when waiting on a list to wait until the
list being queried contains one or more items, or the wait timeout has
been reached. Each item in the list can then be waited on with the usual
wait logic.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: None <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
Add support for dry run
SUMMARY
Kubernetes server-side dry run will be used when the kubernetes client
version is >=18.20.0. For older versions of the client, the existing
client side speculative change implementation will be used.
The effect of this change should be mostly transparent to the end user
and is reflected in the fact the tests have not changed but should still
pass. With this change, there are a few edge cases that will be
improved. One example of these edge cases is to use check mode on an
existing Service resource. With dry run this will correctly report no
changes, while the older client side implementation will erroneously
report changes to the port spec.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
Reviewed-by: None <None>
Remove molecule dependencies
SUMMARY
Depends-on: ansible-collections/cloud.common#92
Molecule is overwriting the cloud.common dependency installed by zuul,
which is causing issues with the CI job for turbo mode. We still need to
find a way to test against the latest released version of cloud.common.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: None <None>
Increase timeout on scale test
SUMMARY
This test frequently fails with the default 20s timeout. Bumping up to
60s.
Fixes#241
Depends-on: ansible/ansible-zuul-jobs#1131
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: None <None>
kustomize lookup plugin
SUMMARY
new lookup plugin to support kustomize feature for kubernetes
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Disable turbo mode for the validate tests
Depends-On: ansible/ansible-zuul-jobs#1074
Switching virtualenvs in the test suite does not work so well with turbo
mode enabled because the module may not be executed by the virtualenv
that is specified for that task.
Reviewed-by: None <None>
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: None <None>
add support for in-memory kubeconfig
SUMMARY
k8s module support now authentication with kubeconfig parameter as file and dict.
Closes#139
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Test molecule on ansible release 2.9 and 2.10
SUMMARY
Debug only
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: None <None>
Move integration tests to molecule
SUMMARY
There are only a handful of integration tests in tests/integration.
These are presumably left over from before the collection used molecule.
The only integration tests that aren't already covered by molecule are
the ones testing kubernetes-validate. I have moved these tests into
molecule so we can delete the integration test job.
ISSUE TYPE
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: None <None>
Reviewed-by: None <None>
Re-enable support for turbo mode
SUMMARY
This re-enables the ability to add turbo mode. It also adds a few more
tests to cover some cases that had been broken in turbo mode previously.
Testing with turbo mode is not currently enabled, and would fail until ansible-collections/cloud.common#69 can be merged and a new cloud.common release is done. This also does not add cloud.common to the collection dependencies until a decision has been made about how enabling/disabling turbo mode will work when cloud.common is already installed.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: None <None>
k8s_drain new module
SUMMARY
new module to drain, cordon or uncordon node from k8s cluster.
#141
ISSUE TYPE
New Module Pull Request
COMPONENT NAME
k8s_drain
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Add support for waiting on a StatefulSet.
SUMMARY
This PR implements support for waiting on StatefulSet for readiness similar to how the other waiters currently work.
ISSUE TYPE
Feature Pull Request
ADDITIONAL INFORMATION
This was designed to (mostly) mimic the behaviour of the StatefulSetStatusViewer used by kubectl rollout status -w.
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Joshua K <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
k8s - add label_selectors options
SUMMARY
k8s now support label_selectors options same as k8s_info
Resolves#43
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
k8s
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
* support diff mode for k8s module
* Update and rename 145-k8s-add-support-diff-mode.yml to 146-k8s-add-support-diff-mode.yml
* Update 146-k8s-add-support-diff-mode.yml
* Update changelogs/fragments/146-k8s-add-support-diff-mode.yml
Co-authored-by: Mike Graves <mgraves@redhat.com>
* update k8s_scale and k8s_json_patch
* diff for k8s_scale and k8s_json_patch
Co-authored-by: Mike Graves <mgraves@redhat.com>
* Support template param in other collections
The action plugin for k8s does a collection name check for the template
param, but it's missing redhat.openshift and community.kubernetes.
* Add changelog fragment
* Fix test
* Fix apply on Ansible 2.9
For some reason the apply function can't be correctly imported in
Ansible 2.9. This just renames it to get it to import. I've also added
molecule testing on multiple Ansible versions.
* Add changelog fragment
* Account for updated pods when waiting on DaemonSet
The exising logic that's used to determine when a DaemonSet is ready
fails to account for the fact that a RollingUpdate first kills the pod
and then creates a new one. Simply checking if the
desiredNumberScheduled equals the numberReady will succeed in cases
when the old pod takes time to shut down, and would report that the new
Deployment is ready despite the fact that the old pod has not been
replaced, yet.
* Add changelog fragment
- enable the AnsibleTurboModule: Use AnsibleTurboModule when the `cloud.common` collection is available.
- Add dependency install step to molecule: Molecule won't install dependencies from galaxy.yml. We need to explicitly list them in a requirements.yml file and then enable the dependency step for molecule test.
* Fix client regression from turbo mode refactor
The turbo mode refactoring introduced a regression where the kubernetes
client can fail to find the kubeconfig. This happens because
get_api_client is called twice and the second time it is called without
the module being passed as an argument. Without this, the configuration
will use defaults. This will be a problem if the user has specified a
location for the kubeconfig that's different from default, for example.
* Add tests
* Rename from community.kubernetes to kubernetes.core
This goes through and renames community.kubernetes to kubernetes.core.
Most of this was generated from the downstream build script that was
used on the community repository, plus whatever hand edits I could find
that were needed.
The downstream build and test process has also been removed as this
repository is now the downstream repository.
* Fix CONTRIBUTING.md
