internet/kubernetes.core
3
0
Fork 0
mirror of https://github.com/ansible-collections/kubernetes.core.git synced 2026-05-12 20:42:08 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: internet:stable-2.4
Branches Tags
internet:main internet:stable-5 internet:stable-6 internet:stable-3 internet:stable-4 internet:stable-2.4 internet:stable-2.3 internet:stable-2.2 internet:stable-2.1 internet:stable-1.2
internet:6.4.0 internet:6.3.0 internet:5.4.2 internet:6.2.0 internet:5.4.1 internet:6.1.0 internet:5.4.0 internet:6.0.0 internet:5.3.0 internet:5.2.0 internet:3.3.1 internet:5.1.0 internet:3.3.0 internet:3.2.0 internet:5.0.0 internet:4.0.0 internet:3.1.0 internet:3.0.1 internet:2.4.2 internet:2.4.1 internet:3.0.0 internet:2.4.0 internet:2.3.2 internet:2.3.1 internet:2.3.0 internet:2.2.3 internet:2.2.2 internet:2.2.1 internet:2.2.0 internet:2.1.1 internet:2.1.0 internet:2.0.2 internet:2.0.1 internet:2.0.0 internet:1.2.1
..
compare: internet:5.4.0
Branches Tags
internet:stable-5 internet:stable-6 internet:main internet:stable-3 internet:stable-4 internet:stable-2.4 internet:stable-2.3 internet:stable-2.2 internet:stable-2.1 internet:stable-1.2
internet:6.4.0 internet:6.3.0 internet:5.4.2 internet:6.2.0 internet:5.4.1 internet:6.1.0 internet:5.4.0 internet:6.0.0 internet:5.3.0 internet:5.2.0 internet:3.3.1 internet:5.1.0 internet:3.3.0 internet:3.2.0 internet:5.0.0 internet:4.0.0 internet:3.1.0 internet:3.0.1 internet:2.4.2 internet:2.4.1 internet:3.0.0 internet:2.4.0 internet:2.3.2 internet:2.3.1 internet:2.3.0 internet:2.2.3 internet:2.2.2 internet:2.2.1 internet:2.2.0 internet:2.1.1 internet:2.1.0 internet:2.0.2 internet:2.0.1 internet:2.0.0 internet:1.2.1

107 Commits
stable-2.4 ... 5.4.0

Author SHA1 Message Date
Bianca Henderson
dcbe52e722 Prep kubernetes.core 5.4.0 release (#970) 
SUMMARY

Prep kubernetes.core 5.4.0 release

COMPONENT NAME
Multiple

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Alina Buzachis
Reviewed-by: GomathiselviS <gomathiselvi@gmail.com>
 2025-08-12 16:56:58 +00:00
patchback[bot]
1e711d4da8 CI fix for 976 (#982) (#984) 
This is a backport of PR #982 as merged into main (a861079).
SUMMARY
Exclude plugins/connection/kubectl.py from ansible-lint, as this file contains only examples that is simplificated and may not be accordingally to linter rules.
resolves #976
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
CI
ADDITIONAL INFORMATION

Reviewed-by: Alina Buzachis
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-08-12 15:41:03 +00:00
Bianca Henderson
4b2dc4f974 Reapply "Remove kubeconfig value from module invocation log (#826)" (#899) (#965) (#980) 
This reverts commit eb0aeeb from stable-5 (i.e., reapplies the changes from #965); this is a temporary fix for #782 as it will re-introduce #870.

Reviewed-by: Alina Buzachis
Reviewed-by: GomathiselviS <gomathiselvi@gmail.com>
 2025-08-11 16:48:07 +00:00
patchback[bot]
eb0aeeb318 Revert "Remove kubeconfig value from module invocation log (#826)" (#899) (#965) 
This is a backport of PR #899 as merged into main (1705ced).
This reverts commit 6efabd3.
SUMMARY

Fixes #870
A better solution is necessary to address #782. The current code makes getting manifests practically unusable. We need to revert this commit until a better solution is found.

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

kubeconfig

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-07-22 21:28:48 +00:00
patchback[bot]
f3d3696093 Fix the integration test for helm_registry_auth with helm >= 3.18.0 and clarify idempotency. (#946) (#961) 
This is a backport of PR #946 as merged into main (642eb93).
SUMMARY
Fix the integration test for helm_registry_auth with helm >= 3.18.0 and clarify idempotency.
Fixes #944
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
helm_registry_auth
ADDITIONAL INFORMATION
Caused by the changes in helm starting from 3.18.0

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-07-15 16:01:23 +00:00
patchback[bot]
e3da2f28fd Fix integration test with ansibe-core 2.20 (#951) (#959) 
This is a backport of PR #951 as merged into main (f568c9d).
SUMMARY
Now that ansible-core 2.19.0rc1 has been released, ansible-core’s devel branch has been bumped from 2.19.0.dev0 to 2.20.0.dev0. This potentially requires collection CIs to be updated which rely on devel using tests/sanity/ignore-2.19.txt, for example. Also it’s now time to add stable-2.19 to CI if you relied on devel to cover 2.19 so far. Note that milestone has also been updated to 2.20.0dev0.
During testing, I noticed that the failed test tasks/test_helm_not_installed.yml due to the new error message with ansible 2.20, please find here and following comments.
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
test/CI (tasks/test_helm_not_installed.yml)
ADDITIONAL INFORMATION
to be cherry-picked to the stable-6 and stable-5

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-07-15 15:34:36 +00:00
Yuriy Novostavskiy
bb599542e8 add sanity/ignore for 2.20 and remove 2.16 and 2.14 (#954) 
SUMMARY
Now that ansible-core 2.19.0rc1 has been released, ansible-core’s devel branch has been bumped from 2.19.0.dev0 to 2.20.0.dev0. This  requires collection CI to be updated with using tests/sanity/ignore-2.20.txt. In the same time, ignore-2.14.txt ignore-2.15.txt is not required anymore as they are excluded from the matrix.
This PR is precific to stable-5 (and probably to be cherry-picked to stable-3) and is not required to main and stable-6 and such changes is already here.
ISSUE TYPE

CI Pull Request

COMPONENT NAME
CI
ADDITIONAL INFORMATION
It's required to have passed CI for #952

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Alina Buzachis
 2025-07-15 13:53:17 +00:00
patchback[bot]
6560fb1c53 Fix unit tests (#939) (#940) 
This is a backport of PR #939 as merged into main (34fd40d).
Some unit tests are broken with ansible-core 2.19, this PR aims to fix them.

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-07-11 02:23:06 +00:00
patchback[bot]
20084d119e Push changes from 3.3.1 into main branch (#893) (#894) 
This is a backport of PR #893 as merged into main (0e7229c).
Release 3.3.1 is out; push changes to main branch

Reviewed-by: Bikouo Aubin
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-05-16 18:31:00 +00:00
Bikouo Aubin
c47343d7b6 Prepare release 5.3.0 (#929) 
Release 5.3.0

Update galaxy.yml and README.md
Update release files using antsibull-changelog

Reviewed-by: Alina Buzachis
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Yuriy Novostavskiy
 2025-05-16 08:16:23 +00:00
Bianca Henderson
c213b51741 Add info to the README about stable-4 branch no longer being maintained (#931) 
SUMMARY

Resolves ACA-2383 and #918.
Adjusting the changes made in #926 per #930.

ISSUE TYPE


Docs Pull Request

COMPONENT NAME

README.md
ADDITIONAL INFORMATION
Also made some minor capitalization edits.

Reviewed-by: Bikouo Aubin
 2025-05-15 15:11:28 +00:00
patchback[bot]
60b53b9dc9 Add helm insecure skip tls verify (#901) (#925) 
This is a backport of PR #901 as merged into main (914a16e).
SUMMARY
Added the option insecure_skip_tls_verify  to the following helm modules:

helm_repository
helm
Unified the option with alias in helm_pull

For helm, added the option to the helm diff call, as it got fixed upstream.
Upstream Issue: databus23/helm-diff#503
Fixed with: helm/helm#12856
Fixes #694
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME

kubernetes.core.helm
kubernetes.core.helm_repository
kubernetes.core.helm_pull

ADDITIONAL INFORMATION
Basically the option was added in the parameters set in the ansible job, in the docs and then injected in the helm and helm diff binary calls if set. Defaults to False.
Example
---
- name: Test helm modules
  tasks:
    - name: Test helm repository insecure
      kubernetes.core.helm_repository:
        name: insecure
        repo_url: "<helm-repo-with-self-signed-tls>"
        state: present
        insecure_skip_tls_verify: true
    - name: Test helm pull insecure
      kubernetes.core.helm_pull:
        chart_ref: "oci://<helm-repo-with-self-signed-tls>/ptroject"
        destination: /tmp
        insecure_skip_tls_verify: true
    - name: Test helm insecure
      kubernetes.core.helm:
        name: insecure
        chart_ref: "oci://<helm-repo-with-self-signed-tls>/project"
        namespace: helm-insecure-test
        state: present
        insecure_skip_tls_verify: true
Note
Might need an alias for telm_template, as the option is called insecure_registry, in the manual and docs of helm it would be --insecure-skip-tls-verify as well though.
Not included, as it was recently merged with #805

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2025-05-06 23:32:56 +00:00
patchback[bot]
d531368d64 Update ansible-lint version to 25.1.2 (#919) (#921) 
This is a backport of PR #919 as merged into main (b594d35).
Update ansible-lint version to 25.1.2

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-04-29 18:03:42 +00:00
patchback[bot]
c3bf5cc47f add reset_then_reuse_values support to helm module (#802) (#917) 
This is a backport of PR #802 as merged into main (00699ac).
SUMMARY
Starting with version 3.14.0, Helm supports --reset-then-reuse-values. As discussed on the original PR. This greatly improves on --reuse-values as it allows to avoid templates errors when new features are added to an upgraded chart.
Closes #803
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
helm
ADDITIONAL INFORMATION
This PR is greatly 'inspired' by #575 and because I wasn't sure how I could provide additional tests for it, I actually copied those build previously for --reuse-values (as it is an improvement on this feature.

Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-04-29 17:54:15 +00:00
patchback[bot]
349534b85b Rebase PR #898 (#905) (#913) 
This is a backport of PR #905 as merged into main (d329e7e).
This PR is a rebase of #898 for CI to pass
Thanks @efussi for your collaboration.
Closes #892

Reviewed-by: Bikouo Aubin
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
 2025-04-25 15:59:21 +00:00
patchback[bot]
92e3f98a20 Bugfix: fix unit-source for pre-release of ansible-core 2.20 (devel and milestone branch) (#903) (#909) 
SUMMARY
CI fix for #904
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
tests/unit
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
(cherry picked from commit d4fc22c74e)

Co-authored-by: Yuriy Novostavskiy <yuriy@novostavskiy.kiev.ua>
 2025-04-25 11:01:13 -04:00
patchback[bot]
d2dcb9e55f Run integration tests using ansible-core 2.19 (#888) (#895) 
* fix integration test ``k8s_full`` running with ansible-core 2.19

* Fix templating issues

* fix test on current ansible version

* fix tests cases

* Fix additional tests

* fix the templating mechanism

* consider using variable_[start/end]_string while parsing template

* Remove support for omit into template option

* Remove unnecessary unit tests

(cherry picked from commit 2cb5d6c316)

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2025-04-25 16:49:10 +02:00
Mike Graves
0eff03dd19 Prep 5.2.0 release (#891) 
SUMMARY

Prep 5.2.0 release

ISSUE TYPE

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Yuriy Novostavskiy
Reviewed-by: Bikouo Aubin
Reviewed-by: Alina Buzachis
 2025-03-31 17:20:25 +00:00
patchback[bot]
81fb8662da waiter.py Add ClusterOperator Test (#879) (#882) 
This is a backport of PR #879 as merged into main (7cdf0d0).
SUMMARY
Fixes #869
During an OpenShift installation, one of the checks to see that the cluster is ready to proceed with configuration is to check to ensure that the Cluster Operators are in an Available: True Degraded: False Progressing: False state. While you can currently use the k8s_info module to get a json response, the resulting json needs to be iterated over several times to get the appropriate status.
This PR adds functionality into waiter.py which loops over all resource instances of the cluster operators. If any of them is not ready, waiter returns False and the task false. If the task returns, you can assume that all the cluster operators are healthy.


ISSUE TYPE


Feature Pull Request

COMPONENT NAME

waiter.py
ADDITIONAL INFORMATION



A simple playbook will trigger the waiter.py to watch the ClusterOperator object

---
- name: get operators
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Get cluster operators
      kubernetes.core.k8s_info:
        api_version: v1
        kind: ClusterOperator
        kubeconfig: "/home/ocp/one/auth/kubeconfig"
        wait: true
        wait_timeout: 30
      register: cluster_operators


This will produce the simple response if everything is functioning properly:
PLAY [get operators] *************************************************************************************************

TASK [Get cluster operators] *****************************************************************************************
ok: [localhost]

PLAY RECAP ***********************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

If the timeout is reached:
PLAY [get operators] *************************************************************************************************

TASK [Get cluster operators] *****************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions.CoreException: Failed to gather information about ClusterOperator(s) even after waiting for 30 seconds
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to gather information about ClusterOperator(s) even after waiting for 30 seconds"}

PLAY RECAP ***********************************************************************************************************
localhost                  : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   

UNSOLVED: How to know which Operators are failing

Reviewed-by: Bikouo Aubin
 2025-03-26 15:50:36 +00:00
patchback[bot]
f74ee14d71 Extend hidden_fields to allow more complicated field definitions (#872) (#887) 
This is a backport of PR #872 as merged into main (9ec6912).
SUMMARY
This allows us to ignore e.g. the last-applied-configuration annotation by specifying
metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
hidden_fields
This replaces #643 as I no longer have permissions to push to branches in this repo

Reviewed-by: Bikouo Aubin
 2025-03-25 13:36:12 +00:00
patchback[bot]
6f75d86954 Fix linters in CI (#873) (#876) 
This is a backport of PR #873 as merged into main (91df2f1).
SUMMARY
It seems that recent updates in linters break CI. Closes #874
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
CI
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2025-02-06 15:45:54 +00:00
Yuriy Novostavskiy
c93a7e2459 prepare release 5.1.0 (#865) 
SUMMARY
This release came with new module helm_registry_auth, and improvements to the error messages in the k8s_drain module, new parameter insecure_registry for helm_template module and several bug fixes.
ISSUE TYPE

New release pull request

Changelog
Minor Changes

Bump version of ansible-lint to minimum 24.7.0 (#765).
Parameter insecure_registry added to helm_template as equivalent of insecure-skip-tls-verify (#805).
connection/kubectl.py - Added an example of using the kubectl connection plugin to the documentation (#741).
k8s_drain - Improve error message for pod disruption budget when draining a node (#797).

Bugfixes

helm - Helm version checks did not support RC versions. They now accept any version tags. (#745).
helm_pull - Apply no_log=True to pass_credentials to silence false positive warning.. (#796).
k8s_drain - Fix k8s_drain does not wait for single pod (#769).
k8s_drain - Fix k8s_drain runs into a timeout when evicting a pod which is part of a stateful set  (#792).
kubeconfig option should not appear in module invocation log (#782).
kustomize - kustomize plugin fails with deprecation warnings (#639).
waiter - Fix waiting for daemonset when desired number of pods is 0. (#756).

New Modules

helm_registry_auth - Helm registry authentication module

ADDITIONAL INFORMATION
Collection kubernets.core version 3.1.0 is compatible with ansible-core>=2.15.0

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2025-01-20 15:23:54 +00:00
patchback[bot]
2d68a37a52 trivial doc: replace 2.5.0 with 3.0.0 (#831) (#856) 
This is a backport of PR #831 as merged into main (bc0de24).
SUMMARY
Some parameters were added to the master in time where the latest version was 2.4.0 with version_added: 2.5.0, however the next version after 2.4.0 was a 3.0.0.
So, with this trivial doc PR (that most probably doesn't require a changelog fragment and including to changelog) I replacing  version_added: 2.5.0 to  version_added: 3.0.0 for:

reuse_values in kubernetes.core.helm module
reset_values in kubernetes.core.helm module
delete_all in  kubernetes.core.k8s module
hidden_fields  in  kubernetes.core.k8s module
hidden_fields   in  kubernetes.core.k8s_info module

All of them are introduced in kubernetes.core 3.0.0
ISSUE TYPE

Docs Pull Request

COMPONENT NAME

helm
k8s
8s_info


ADDITIONAL INFORMATION
PR to be backported to stable-3 and stable-5
 2025-01-17 19:01:57 +00:00
patchback[bot]
c5f5398e9e Remove deprecated .github/stale.yml to address #837 (#838) (#860) 
SUMMARY
I noticed that even config for probot/stale is present in the repo, but the old issues and PRs weren't marked as stale and not closed by the bot. Investigated and found that this bot was added to community.kubernetes as ansible-collections/community.kubernetes#53 but wasn't moved to kubernetes.core and never worked here.
Moreover, this bot is completely deprecated and down, ref: probot/stale#430
So, the config to be removed.
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
.github/stale.yml
ADDITIONAL INFORMATION
Closes #837
Trivial change that not require changelog

Reviewed-by: Mike Graves <mgraves@redhat.com>
(cherry picked from commit eb731cd3a5)

Co-authored-by: Yuriy Novostavskiy <yuriy@novostavskiy.kiev.ua>
 2025-01-17 11:53:31 -05:00
patchback[bot]
05aea7727d helm_pull: Silence false no_log warning (#796) (#858) 
This is a backport of PR #796 as merged into main (ecc64ca).
SUMMARY
Apply no_log=True to pass_credentials to silence false positive warning.
Fixes similar issue to: #423
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
changelog/fragements/796-false-positive-helmull.yaml
plugins/modules/helm_pull.py
 2025-01-17 16:21:23 +00:00
patchback[bot]
d3f6dd186c fix linters in github actions (#848) (#849) 
This is a backport of PR #848 as merged into main (159a63a).
SUMMARY
After the release 25.0.0 of ansible-compat the linters in CI become failing. In the ansible-lint issue already created
COMPONENT NAME
.github/workflows/linters.yaml
ADDITIONAL INFORMATION
Fix bug #846
within this commit ansible/ansible-lint is updated to 24.12.2 and the ansible-lint config moved to the .config folder
 2025-01-17 15:52:51 +00:00
patchback[bot]
8cee9fddbe Clean up test namespace (#852) (#854) 
This is a backport of PR #852 as merged into main (9f60b15).
SUMMARY

The helm_set_values test target did not clean up its namespace which is leading to unstable tests in the k8s_drain target.

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION
 2025-01-17 15:29:22 +00:00
patchback[bot]
05a942e41e helm_registry_auth module to authenticate in OCI registry (#800) (#836) 
* new module helm_registry_auth

* Initial integration tests

* final update copyright and integration test before pr

* update link to pr in changelog fragment

* reformat plugins/module_utils/helm.py with black

to fix linters in actions

* attempt to fix unit test

unit test was missing initially

* fix https://pycqa.github.io/isort/ linter

* next attemp to fix unit-test

* remove unused and unsupported helm_args_common

* remove unused imports and fix other linters errors

* another fix for unit test

* fix issue introducied by commit ff02893a12a31f9c44b5c48f9a8bf85057295961

* add binary_path to arg_spec

* return helm_cmd in the output of check mode

remove changlog fragment

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* description suggestion from reviewer/maintainer

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* remove changed from module return

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* remove redundant code

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* Update plugins/modules/helm_registry_auth.py

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* consider support of logout when user is not logged in

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* consider support helm < 3.0.0

* Revert "consider support helm < 3.0.0"

This reverts commit f20004d196.

* reintroduce support of helm version less than 3.8.0

reference: https://helm.sh/docs/topics/registries/#enabling-oci-support-prior-to-v380

* revert reintroducing support of helm < 3.8.0

reason: didn't find a quick way to deal with tests

* update documentation with the recent module updates

* Update plugins/modules/helm_registry_auth.py

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* add test of logout impendency

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>

* fix linters

* fix intendations in the integration tests

* create tests/integration/targets/helm_registry_auth/aliases

* fix integration test (typo)

* fix integration tests (test wrong cred)

* add stderr when module fail

* another attempt to fix integration test

* fix assertion in integration test to be not affceted by the #830

---------

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
(cherry picked from commit aee847431a)

Co-authored-by: Yuriy Novostavskiy <yuriy@novostavskiy.kiev.ua>
 2024-12-17 18:33:15 +01:00
patchback[bot]
fcd47ca995 Remove kubeconfig value from module invocation log (#826) (#840) 
(cherry picked from commit 6efabd3418)

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2024-12-17 18:32:59 +01:00
patchback[bot]
f1729ce186 fix: typo (#804) (#834) 
* fix: typo

replaces https://github.com/ansible-collections/kubernetes.core/pull/799

* doc: add changelog fragment

* Delete changelogs/fragments/804-drain-typo.yaml

---------

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
(cherry picked from commit 219c747a24)

Co-authored-by: Pierre Ozoux <pierre@ozoux.net>
 2024-12-17 17:49:56 +01:00
patchback[bot]
c37dc5b566 Parameter insecure_registry added to helm_template (#805) (#835) 
* Parameter insecure_registry added to helm_template as equivalent of insecure-skip-tls-verify

(cherry picked from commit 6609abdd5a)

Co-authored-by: Yuriy Novostavskiy <yuriy@novostavskiy.kiev.ua>
 2024-12-17 17:47:35 +01:00
patchback[bot]
410855cd36 Fix helm integration tests (#830) (#833) 
SUMMARY
Fix charts ref on integration tests targets
ISSUE TYPE

Bugfix Pull Request

Reviewed-by: Yuriy Novostavskiy
Reviewed-by: Alina Buzachis
(cherry picked from commit 7559b65946)

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2024-12-17 12:16:41 +01:00
patchback[bot]
e1f52ddbee Fix helm tests (#827) (#828) 
This is a backport of PR #827 as merged into main (c8a33c7).
SUMMARY

Some of the charts we've used for testing are no longer available at the old helm repository urls, as they've been moved to oci registries. This updates those charts.
In the longer term, we should find a better way to handle these kinds of test fixtures, probably by switching to local charts as much as possible.

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Bikouo Aubin
 2024-12-16 08:32:45 +00:00
patchback[bot]
5d038db848 Update README.md with removing outdated communication channels (#790) (#825) 
This is a backport of PR #790 as merged into main (b8e9873).
SUMMARY
As part of the consolidating Ansible discussion platforms and communication channels was decided to use the Ansible forum as the main place for questions and discussion.
Reference: https://forum.ansible.com/t/proposal-consolidating-ansible-discussion-platforms/6812
As part of this change, the IRC channel was removed by the PRs #778 and #774.
However, the README.md file wasn't fully cleaned up from the outdated information.
The #ansible-kubernetes channel on libera.chat IRC isn't used by maintainers and contributors anymore.
The Wiki page on the https://github.com/ansible/community/ was deprecated a long time ago
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
README.md
 2024-12-11 20:35:22 +00:00
patchback[bot]
9d3195641e CONTRIBUTING.md remove IRC (#778) (#824) 
This is a backport of PR #778 as merged into main (c8a9326).
SUMMARY
As a part of https://forum.ansible.com/t/proposal-consolidating-ansible-discussion-platforms/6812
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
CONTRIBUTING.md
 2024-12-11 20:35:19 +00:00
Yuriy Novostavskiy
dac1448b9c README: Add Communication section with Forum information (#774) (#823) 
SUMMARY


ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-12-11 18:54:13 +00:00
patchback[bot]
4bdff5d672 Make k8s_drain work when only one pod is present (#770) (#820) 
This is a backport of PR #770 as merged into main (4c305e7).
SUMMARY
Fixes #769 .
k8s_drain was not checking if a pod has been deleted when there was only one pod on the node to be drained.
The list of pods, pods, was being "popped" before the first iteration of the while loop:
        pod = pods.pop()
        while (_elapsed_time() < wait_timeout or wait_timeout == 0) and pods:
When pods contains only one element, the while loop is skipped.


ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

k8s_drain
 2024-12-11 16:23:41 +00:00
patchback[bot]
19a71c82ba Update Readme to match the template (#767) (#819) 
This is a backport of PR #767 as merged into main (fdb8af7).
SUMMARY


Refer: https://issues.redhat.com/browse/ACA-1749
This PR updates the README doc to match the template
ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION
 2024-12-11 16:17:45 +00:00
patchback[bot]
c73f3e3f75 Bump the ansible-lint version to 24.7.0 (#765) (#818) 
This is a backport of PR #765 as merged into main (a89f19b).
SUMMARY

Bump the ansible-lint version to 24.7.0

ISSUE TYPE

COMPONENT NAME

ADDITIONAL INFORMATION
 2024-12-11 15:58:13 +00:00
patchback[bot]
2cdcc195e6 fix shields.io badges in README.md (#749) (#817) 
This is a backport of PR #749 as merged into main (0afd257).
SUMMARY
This PR fixes shields.io badges in README.md. It's just cosmetic bugfix
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
README.md
ADDITIONAL INFORMATION
Current README.md:

This PR:
 2024-12-11 15:26:43 +00:00
patchback[bot]
e98605eb16 Improve error message for pod disruption budget when draining a node (#798) (#816) 
This is a backport of PR #798 as merged into main (52f2cb5).
SUMMARY
Closes #797 .
The error message "Too Many Requests" is confusing and is changed to a more meaningful message:
TASK [Drain node] *************************************************************************
Montag 25 November 2024  09:20:28 +0100 (0:00:00.014)       0:00:00.014 ******* 
fatal: [host -> localhost]: FAILED! => {"changed": false, "msg": "Failed to delete pod kube-public/draintest-6b84677b99-9jf7m due to: Cannot evict pod as it would violate the pod's disruption budget."}


The new task output would allow to deal with a pod disruption budget with the retries/until logic in a more controlled way:
---
- hosts: "{{ target }}"
  serial: 1
  gather_facts: false
  tasks:
    - name: Drain node
      kubernetes.core.k8s_drain:
        kubeconfig: "{{ kubeconfig_path }}"
        name: "{{ inventory_hostname }}"
        delete_options:
          ignore_daemonsets: true
          delete_emptydir_data: true
          wait_timeout: 100
          disable_eviction: false
          wait_sleep: 1
      delegate_to: localhost
      retries: 10
      delay: 5
      until: drain_result is success or 'disruption budget' not in drain_result.msg
      register: drain_result

ISSUE TYPE


Feature Pull Request

COMPONENT NAME
k8s_drain
 2024-12-11 15:14:49 +00:00
patchback[bot]
e13a7fd0c6 update changelog with release 3.2.0 (#750) (#814) 
This is a backport of PR #750 as merged into main (d192157).
SUMMARY
Minor/cosmetic documentation change with adding release 3.2.0 to changelog for master as the release is from stable-3 branch
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
CHANGELOG.md
ADDITIONAL INFORMATION
Most probably this PR should be backported to the stable-5 branch after the merge to the main and should be with a skip-changelog tag.
 2024-12-11 15:14:44 +00:00
patchback[bot]
2098dfea5e Fix k8s_drain runs into timeout with pods from stateful sets. (#793) (#808) 
This is a backport of PR #793 as merged into main (fca0dc0).
SUMMARY
Fixes #792 .
The function wait_for_pod_deletion in k8s_drain never checks on which node a pod is actually running:
            try:
                response = self._api_instance.read_namespaced_pod(
                    namespace=pod[0], name=pod[1]
                )
                if not response:
                    pod = None
                time.sleep(wait_sleep)
This means that if a pod is successfully evicted and restarted with the same name on a new node, k8s_drain does not notice and thinks that the original pod is still running. This is the case for pods which are part of a stateful set.

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME
k8s_drain
 2024-12-11 14:12:35 +00:00
patchback[bot]
10a9b9e811 Remove kubevirt integration test workflow (#806) (#810) 
This is a backport of PR #806 as merged into main (513ff66).
SUMMARY

This removes the kubevirt integration tests. We don't maintain that collection or have any permissions on that repo, so there's no reason for these tests to be here.

ISSUE TYPE


Bugfix Pull Request


COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-12-10 18:22:42 +00:00
patchback[bot]
67868442f3 [ci] fix github actions post 2.18 (#789) (#812) 
This is a backport of PR #789 as merged into main (cd68631).
This PR includes a trivial fix for the GitHub Actions issue #788 and related to switching milestone and devel branches of ansible/ansible to version 2.19 and prepare repo to be ready to include test with Python 3.13 when ansible-network/github_actions/pull/162 is merged.
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
GitHub actions/test

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-12-10 17:13:53 +00:00
patchback[bot]
5eefa9c308 fix: kustomize plugin fails with deprecation warnings (#728) (#764) 
This is a backport of PR #728 as merged into main (5bc53db).
SUMMARY

error judgments are based on the exit codes of command execution, where 0 represents success and non-zero represents failure.
Optimize the run_command function to return a tuple like the run_command method of AnsibleModule.

Fixes #639
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

kustomize lookup plugin
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-07-15 13:56:34 +00:00
patchback[bot]
4ed9105797 Fix waiting for daemonset when desired number of pods is 0 (#756) (#762) 
This is a backport of PR #756 as merged into main (b07fbd6).
Fixes #755
SUMMARY
Because we don't have any node with non_exisiting_label (see code below) desired number of Pods will be 0. Kubernetes won't create .status.updatedNumberScheduled field (at least on version v1.27), because we still are not going to create any Pods. So that if .status.updatedNumberScheduled doesn't exist we should assume that number is 0
Code to reproduce:
- name: Create daemonset
  kubernetes.core.k8s:
    state: present
    wait: true
    definition:
      apiVersion: apps/v1
      kind: DaemonSet
      metadata:
        name: my-daemonset
        namespace: default
      spec:
        selector:
          matchLabels:
            app: my-app
        template:
          metadata:
            labels:
              app: my-app
          spec:
            containers:
              - name: my-container
                image: nginx
            nodeSelector:
              non_exisiting_label: 1
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
kubernetes.core.plugins.module_utils.k8s.waiter
ADDITIONAL INFORMATION



TASK [Create daemonset] **********************************************************************************************************************************
changed: [controlplane] => {"changed": true, "duration": 5, "method": "create", "result": {"apiVersion": "apps/v1", "kind": "DaemonSet", "metadata": {"annotations": {"deprecated.daemonset.template.generation": "1"}, "creationTimestamp": "2024-06-28T08:23:41Z", "generation": 1, "managedFields": [{"apiVersion": "apps/v1", "fieldsType": "FieldsV1", "fieldsV1": {"f:metadata": {"f:annotations": {".": {}, "f:deprecated.daemonset.template.generation": {}}}, "f:spec": {"f:revisionHistoryLimit": {}, "f:selector": {}, "f:template": {"f:metadata": {"f:labels": {".": {}, "f:app": {}}}, "f:spec": {"f:containers": {"k:{\"name\":\"my-container\"}": {".": {}, "f:image": {}, "f:imagePullPolicy": {}, "f:name": {}, "f:resources": {}, "f:terminationMessagePath": {}, "f:terminationMessagePolicy": {}}}, "f:dnsPolicy": {}, "f:nodeSelector": {}, "f:restartPolicy": {}, "f:schedulerName": {}, "f:securityContext": {}, "f:terminationGracePeriodSeconds": {}}}, "f:updateStrategy": {"f:rollingUpdate": {".": {}, "f:maxSurge": {}, "f:maxUnavailable": {}}, "f:type": {}}}}, "manager": "OpenAPI-Generator", "operation": "Update", "time": "2024-06-28T08:23:41Z"}, {"apiVersion": "apps/v1", "fieldsType": "FieldsV1", "fieldsV1": {"f:status": {"f:observedGeneration": {}}}, "manager": "kube-controller-manager", "operation": "Update", "subresource": "status", "time": "2024-06-28T08:23:41Z"}], "name": "my-daemonset", "namespace": "default", "resourceVersion": "1088421", "uid": "faafdbf7-4388-4cec-88d5-84657966312d"}, "spec": {"revisionHistoryLimit": 10, "selector": {"matchLabels": {"app": "my-app"}}, "template": {"metadata": {"creationTimestamp": null, "labels": {"app": "my-app"}}, "spec": {"containers": [{"image": "nginx", "imagePullPolicy": "Always", "name": "my-container", "resources": {}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File"}], "dnsPolicy": "ClusterFirst", "nodeSelector": {"non_exisiting_label": "1"}, "restartPolicy": "Always", "schedulerName": "default-scheduler", "securityContext": {}, "terminationGracePeriodSeconds": 30}}, "updateStrategy": {"rollingUpdate": {"maxSurge": 0, "maxUnavailable": 1}, "type": "RollingUpdate"}}, "status": {"currentNumberScheduled": 0, "desiredNumberScheduled": 0, "numberMisscheduled": 0, "numberReady": 0, "observedGeneration": 1}}}

~$ kubectl get ds
NAME           DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR           AGE
my-daemonset   0         0         0       0            0           non_exisiting_label=1   30s

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-07-10 14:32:11 +00:00
patchback[bot]
46f8e4adfb [PR #731/c0666a51 backport][stable-5] kubevirt.core collection cross testing (#760) 
This is a backport of PR #731 as merged into main (c0666a5).
SUMMARY

The kubevirt.core collection has dependency with this collection. We define new workflows to ensure that nothing is broken on that collection when pushing new changes on this collection.

ISSUE TYPE


Feature Pull Request

COMPONENT NAME

CI

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-07-10 13:57:49 +00:00
patchback[bot]
5761205513 helm: Accept release candidate versions for compatibility checks (#745) (#754) 
This is a backport of PR #745 as merged into main (6a04f42).
SUMMARY

If the helm CLI version includes -rc.1 for example, the version checks fails due to an incomplete regex.
The error can be triggered if you use helm v3.15.0-rc.1 for example, and apply a helm chart with wait: true 
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME
helm
helm_pull
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-06-18 13:05:55 +00:00
Bikouo Aubin
7b0190f8d5 Prepare release 5.0.0 (#733) 2024-06-10 15:39:42 +02:00
patchback[bot]
c47e691101 Doc: add example of using kubectl connection plugin (#741) (#744) 
[PR #741/fb80d973 backport][stable-5] Doc: add example of using kubectl connection plugin

This is a backport of PR #741 as merged into main (fb80d97).
SUMMARY
Currently documentation for collection don't include any examples of using kubenrenes.core.kubectl connection plugin and it's hard to start using that plugin.
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
kubenrenes.core.kubectl connection plugin
ADDITIONAL INFORMATION
This PR was inspired by #288 and based on feedback on that PR and my own experience. Thanks @tpo for his try and @geerlingguy for his Ansible for DevOps book

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-06-06 14:34:01 +00:00
patchback[bot]
8ae6469696 Defer removal of inventory/k8s to 6.0.0 (#734) (#740) 
Defer removal of inventory/k8s to 6.0.0

SUMMARY
Defer removal of inventory plugin k8s to release 6.0.0.

ISSUE TYPE

Feature Pull Request

Reviewed-by: Alina Buzachis
Reviewed-by: Mike Graves <mgraves@redhat.com>
(cherry picked from commit 0c5233a650)

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2024-05-31 10:09:39 +02:00
patchback[bot]
1174fee5c9 Remove support for ansible-core<2.15 (#737) (#739) 
Drop support for ansible-core<2.15

SUMMARY

Remove support for ansible-core<2.15

ISSUE TYPE

Feature Pull Request

Reviewed-by: Mike Graves <mgraves@redhat.com>
(cherry picked from commit 8363a4debf)

Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2024-05-31 10:06:48 +02:00
Bikouo Aubin
f22ffcab18 Prepare release 4.0.0 (#727) 
* Prepare release 4.0.0

* update documentation
 2024-05-28 11:37:32 +02:00
Bikouo Aubin
072a08091b Remove deprecated function from module_utils/common.py (#726) 
Remove deprecated function from module_utils/common.py

SUMMARY

Remove deprecated functions and class from module_utils/common.py in order to prepare release 4.0.0

ISSUE TYPE


Feature Pull Request

COMPONENT NAME

module_utils/common.py

Reviewed-by: Alina Buzachis
 2024-05-24 05:29:46 +00:00
Alina Buzachis
cbadbe32f9 Defer removal of k8s inventory plugin to version 5.0. (#723) 
Defer removal of k8s inventory plugin to version 5.0.

SUMMARY

Defer removal of k8s inventory plugin to version 5.0.

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

inventory/k8s.py
ADDITIONAL INFORMATION

Reviewed-by: Bikouo Aubin
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-22 10:13:50 +00:00
Alina Buzachis
966fa7e906 k8s - remove support for merge_type=json (#722) 
k8s - remove support for merge_type=json

SUMMARY

Support for merge_type=json has been removed in version 4.0.0. Please use kubernetes.core.k8s_json_patch instead.

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

k8s.py
ADDITIONAL INFORMATION

Reviewed-by: Bikouo Aubin
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-22 10:13:47 +00:00
Mike Graves
485eae3b10 Release 3.1.0 (#719) (#720) 
Sync stable-3 to main branch (#719)

Release 3.1.0
SUMMARY
Release prep for 3.1.0
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Alina Buzachis
Reviewed-by: Helen Bailey hebailey@redhat.com
(cherry picked from commit ef829b8)

Reviewed-by: Alina Buzachis
 2024-05-16 18:43:34 +00:00
Conner Crosby
a4c1bd8541 Update deprecation version for merge_type=json (#700) 
Update deprecation version for merge_type=json

SUMMARY
When looking at the parts of plugins/module_utils/common.py and plugins/module_utils/k8s/service.py during the post 3.0.0 release (see https://github.com/ansible-collections/kubernetes.core/pull/663/files#diff-9ee2d0860a5643da4e1f35136e9e7c3a41c5f2fd2952c197e7e32b941e5a301c) that affect merge_type when set to json, I don't believe merge_type=json was deprecated for (and removed from) the k8s module, and instead the deprecation version has moved to 4.0.0. Hence, the documentation update.
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
k8s module

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-15 18:02:55 +00:00
Mike Graves
8858b19121 Fix unsafe text assertion in tests (#716) 
Fix unsafe text assertion in tests

SUMMARY

This fixes a problem with unsafe text in an assertion.

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: GomathiselviS
Reviewed-by: Bikouo Aubin
 2024-05-15 06:50:26 +00:00
Yuriy Novostavskiy
6360763098 minor: doc: use the same style of version_added across repo (#703) 
minor(doc): use the same style of version_added across repo

SUMMARY
Currently is no single style of version_added, in some places it's unquoted, somewhere single quote is used, in another places it's double quoted. Moreover, some file had different styles in one single file.
The aim of this PR is to update whole repo to single style for version_added
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
kustomize
helm
helm_info
helm_plugin
helm_plugin_info
helm_pull
helm_repository
helm_template
k8s_cluster_info
k8s_cp
k8s_drain
k8s_exec
k8s_log
k8s_rollback
k8s_taint
ADDITIONAL INFORMATION
The same style is proposed as used in amazon.aws collections

Reviewed-by: Kelv Gooding
Reviewed-by: Alina Buzachis
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-14 15:50:12 +00:00
Dennis Ochocki
ac943e9890 fixed typo in filename of 'k8s_json_patch'-action (#652) 
fixed typo in filename of 'k8s_json_patch'-action 

SUMMARY

The filename/symlink of the action for the 'k8s_json_patch'-module was wrong. Renamed file from 'ks8_json_patch.py' to ' k8s_json_patch.py'

ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME

k8s_json_patch
ADDITIONAL INFORMATION


Because of the wrong filename things like unvaulting kubeconfig files did not worked.

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-14 15:48:01 +00:00
John Lathouwers
0408aa9328 Update kustomize.py add --enable-helm support (#592) 
Update kustomize.py add --enable-helm support

Add --enable-helm support
SUMMARY
Fixes #568
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
Lookup plugin: kubernetes.core.kustomize
ADDITIONAL INFORMATION
Current and maintained arg:
lookup('kubernetes.core.kustomize', dir=item)

Additional feature args:
lookup('kubernetes.core.kustomize', dir=item, enable_helm=false)
lookup('kubernetes.core.kustomize', dir=item, enable_helm=true)

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-13 17:16:16 +00:00
Mike Graves
874fbfedd5 Merge pull request #707 from gravesm/linting-fix 
Update ansible-lint GHA
 2024-05-08 11:09:30 -04:00
Mike Graves
d8d9133912 Update ansible-lint GHA 
There seems to be a bug in older versions of ansible-lint where pinning
to a version for the GHA still installs the main branch.
 2024-05-07 12:35:35 -04:00
Alina Buzachis
86d9a3f45f Add tests/sanity/ignore-2.18.txt (#704) 
Add tests/sanity/ignore-2.18.txt

SUMMARY

Add tests/sanity/ignore-2.18.txt

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-07 15:27:13 +00:00
Yuriy Novostavskiy
fb25ff44f1 add support of kubectl_local_env_vars (#698) (#702) 
add support of kubectl_local_env_vars (#698)

SUMMARY
Support of local environmental variable that may be required to be set on Ansible Controller before the connection is set and may be used for kubectl command. This PR addressed for #698
The main idea is to have the support of  additional/extra local environmental variable that may be required for kubectl itself, i.e. for authorization in case of public clouds
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
kubernetes.core.kubectl connection plugin
ADDITIONAL INFORMATION
This PR attempts to implement local env support for the kubectl connection plugin that may be useful in case of using kubectl against public cloud kubernetes environment that uses some authorization (i.e. aws cli) additionally to kubeconfig file. More detail in #698
The output that shows that the connection plugin can use local environment variable for kubectl command (with some debug that used during development but removed then):
root@ubuntu-shell:/# cat test.yaml
- hosts: localhost
  gather_facts: no
  any_errors_fatal: yes
  vars:
    ansible_connection: "kubectl"
    ansible_kubectl_namespace: "test"
    ansible_kubectl_config: "/.kube/config"
    ansible_kubectl_pod: "ubuntu"
    ansible_kubectl_container: "ubuntu"
    ansible_kubectl_local_env_vars:
      TESTVAR1: "test"
      TESTVAR2: "test"
      TESTVAR3: "test"
  environment:
    TEST_ENV1: value1
    TEST_ENV2: value2

  tasks:
  - name: test
    ansible.builtin.shell: env
    register: result
  - debug:
      var: result.stdout_lines
root@ubuntu-shell:/# ansible-playbook test.yaml
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] **************************************************************************************************************************************

TASK [test] *******************************************************************************************************************************************
changed: [localhost]

TASK [debug] ******************************************************************************************************************************************
ok: [localhost] => {
    "result.stdout_lines": [
        "KUBERNETES_PORT=tcp://10.96.0.1:443",
        "KUBERNETES_SERVICE_PORT=443",
        "HOSTNAME=ubuntu",
        "HOME=/root",
        "LC_CTYPE=C.UTF-8",
        "TEST_ENV1=value1",
        "TEST_ENV2=value2",
        "TERM=xterm",
        "KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
        "KUBERNETES_PORT_443_TCP_PORT=443",
        "KUBERNETES_PORT_443_TCP_PROTO=tcp",
        "KUBERNETES_SERVICE_PORT_HTTPS=443",
        "KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
        "KUBERNETES_SERVICE_HOST=10.96.0.1",
        "PWD=/"
    ]
}

PLAY RECAP ********************************************************************************************************************************************
localhost                  : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

root@ubuntu-shell:/# ansible-playbook test.yaml -vvv
ansible-playbook [core 2.14.5]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.10/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible-playbook
  python version = 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True
No config file found; using defaults
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: test.yaml ***********************************************************************************************************************************
1 plays in test.yaml

PLAY [localhost] **************************************************************************************************************************************

TASK [test] *******************************************************************************************************************************************
task path: /test.yaml:19
redirecting (type: connection) ansible.builtin.kubectl to kubernetes.core.kubectl
<127.0.0.1> ESTABLISH kubectl CONNECTION
<127.0.0.1> ENV: KUBERNETES_SERVICE_PORT_HTTPS=443
<127.0.0.1> ENV: KUBERNETES_SERVICE_PORT=443
<127.0.0.1> ENV: HOSTNAME=ubuntu-shell
<127.0.0.1> ENV: PWD=/
<127.0.0.1> ENV: HOME=/root
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
<127.0.0.1> ENV: LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
<127.0.0.1> ENV: TERM=xterm
<127.0.0.1> ENV: SHLVL=1
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP_PROTO=tcp
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
<127.0.0.1> ENV: KUBERNETES_SERVICE_HOST=10.96.0.1
<127.0.0.1> ENV: KUBERNETES_PORT=tcp://10.96.0.1:443
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP_PORT=443
<127.0.0.1> ENV: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
<127.0.0.1> ENV: _=/usr/local/bin/ansible-playbook
<127.0.0.1> ENV: LC_CTYPE=C.UTF-8
<127.0.0.1> ENV: TESTVAR1=test
<127.0.0.1> ENV: TESTVAR2=test
<127.0.0.1> ENV: TESTVAR3=test
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'echo ~ && sleep 0'"]
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', '/bin/sh -c \'( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133 `" && echo ansible-tmp-1713785852.548581-6866-69007595335133="` echo /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133 `" ) && sleep 0\'']
Using module file /usr/local/lib/python3.10/dist-packages/ansible/modules/command.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-6862s5_lr_wb/tmpxwmx0qeh TO /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/AnsiballZ_command.py
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/ /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/AnsiballZ_command.py && sleep 0'"]
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'TEST_ENV1=value1 TEST_ENV2=value2 /usr/bin/python3 /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/AnsiballZ_command.py && sleep 0'"]
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/ > /dev/null 2>&1 && sleep 0'"]
changed: [localhost] => {
    "changed": true,
    "cmd": "env",
    "delta": "0:00:00.005088",
    "end": "2024-04-22 11:37:33.655340",
    "invocation": {
        "module_args": {
            "_raw_params": "env",
            "_uses_shell": true,
            "argv": null,
            "chdir": null,
            "creates": null,
            "executable": null,
            "removes": null,
            "stdin": null,
            "stdin_add_newline": true,
            "strip_empty_ends": true
        }
    },
    "msg": "",
    "rc": 0,
    "start": "2024-04-22 11:37:33.650252",
    "stderr": "",
    "stderr_lines": [],
    "stdout": "KUBERNETES_PORT=tcp://10.96.0.1:443\nKUBERNETES_SERVICE_PORT=443\nHOSTNAME=ubuntu\nHOME=/root\nLC_CTYPE=C.UTF-8\nTEST_ENV1=value1\nTEST_ENV2=value2\nTERM=xterm\nKUBERNETES_PORT_443_TCP_ADDR=10.96.0.1\nPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\nKUBERNETES_PORT_443_TCP_PORT=443\nKUBERNETES_PORT_443_TCP_PROTO=tcp\nKUBERNETES_SERVICE_PORT_HTTPS=443\nKUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443\nKUBERNETES_SERVICE_HOST=10.96.0.1\nPWD=/",
    "stdout_lines": [
        "KUBERNETES_PORT=tcp://10.96.0.1:443",
        "KUBERNETES_SERVICE_PORT=443",
        "HOSTNAME=ubuntu",
        "HOME=/root",
        "LC_CTYPE=C.UTF-8",
        "TEST_ENV1=value1",
        "TEST_ENV2=value2",
        "TERM=xterm",
        "KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
        "KUBERNETES_PORT_443_TCP_PORT=443",
        "KUBERNETES_PORT_443_TCP_PROTO=tcp",
        "KUBERNETES_SERVICE_PORT_HTTPS=443",
        "KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
        "KUBERNETES_SERVICE_HOST=10.96.0.1",
        "PWD=/"
    ]
}

TASK [debug] ******************************************************************************************************************************************
task path: /test.yaml:22
redirecting (type: connection) ansible.builtin.kubectl to kubernetes.core.kubectl
ok: [localhost] => {
    "result.stdout_lines": [
        "KUBERNETES_PORT=tcp://10.96.0.1:443",
        "KUBERNETES_SERVICE_PORT=443",
        "HOSTNAME=ubuntu",
        "HOME=/root",
        "LC_CTYPE=C.UTF-8",
        "TEST_ENV1=value1",
        "TEST_ENV2=value2",
        "TERM=xterm",
        "KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
        "KUBERNETES_PORT_443_TCP_PORT=443",
        "KUBERNETES_PORT_443_TCP_PROTO=tcp",
        "KUBERNETES_SERVICE_PORT_HTTPS=443",
        "KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
        "KUBERNETES_SERVICE_HOST=10.96.0.1",
        "PWD=/"
    ]
}

PLAY RECAP ********************************************************************************************************************************************
localhost                  : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

root@ubuntu-shell:/#

Reviewed-by: Bikouo Aubin
Reviewed-by: Yuriy Novostavskiy
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-05-07 15:27:09 +00:00
Felix Matouschek
600c10dffb k8s: Display warnings to users (#701) 
k8s: Display warnings to users

SUMMARY
This changes K8sService and the k8s module so warnings returned by the K8S API are displayed to the user.
Fixes kubevirt/kubevirt.core#30
Fixes kubevirt/kubevirt.core#31
ISSUE TYPE


Feature Pull Request

COMPONENT NAME


k8s module
K8sService

ADDITIONAL INFORMATION



Before:
TASK [Create VM] **********************************************************************************************************************************************
ok: [localhost]

After:
TASK [Create VM] **********************************************************************************************************************************************
[WARNING]: unknown field "spec.template.spec.disk"
[WARNING]: unknown field "spec.template.spec.domain.bogus"
ok: [localhost]

Reviewed-by: Adam Miller <admiller@redhat.com>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Felix Matouschek <felix@matouschek.org>
 2024-05-06 13:35:52 +00:00
Wout Van De Wiel
9f7c865c9c helm - expand kubeconfig path with user's home dir (#654) 
helm - expand kubeconfig path with user's home dir

SUMMARY

Currently the helm module fails when providing the default kubeconfig path explicitly, while the same path is fine for the k8s module.

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

helm
ADDITIONAL INFORMATION



- name: Deploy kubelet-csr-approver
  delegate_to: client
  run_once: true
  kubernetes.core.helm:
    update_repo_cache: true
    kubeconfig: "~/.kube/config"
    state: present
    name: kubelet-csr-approver
    namespace: kubelet-csr-approver
    create_namespace: true
    chart_ref: kubelet-csr-approver/kubelet-csr-approver
    chart_version: 1.0.5
    values: "{{ lookup('template', 'values.yaml.j2') | from_yaml }}"
    atomic: true

Before change:
TASK [kubernetes/kubelet_csr_approver : Deploy kubelet-csr-approver] ***
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: FileNotFoundError: [Errno 2] No such file or directory: '~/.kube/config'
fatal: [node-1 -> client(192.168.121.56)]: FAILED! => {"changed": false, "module_stderr": "", "module_stdout": "Traceback (most recent call last):\r\n  File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 107, in <module>\r\n    _ansiballz_main()\r\n  File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 99, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 47, in invoke_module\r\n    runpy.run_module(mod_name='ansible_collections.kubernetes.core.plugins.modules.helm', init_globals=dict(_module_fqn='ansible_collections.kubernetes.core.plugins.modules.helm', _modlib_path=modlib_path),\r\n  File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\r\n    return _run_module_code(code, init_globals, run_name, mod_spec)\r\n  File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\r\n    _run_code(code, mod_globals, init_globals,\r\n  File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\r\n    exec(code, run_globals)\r\n  File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 924, in <module>\r\n  File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 737, in main\r\n  File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 435, in run_repo_update\r\n  File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 169, in run_helm_command\r\n  File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 162, in env_update\r\n  File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 120, in _prepare_helm_environment\r\nFileNotFoundError: [Errno 2] No such file or directory: '~/.kube/config'\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

After change:
TASK [kubernetes/kubelet_csr_approver : Deploy kubelet-csr-approver] ***
changed: [node-1 -> client(192.168.121.56)]

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin
 2024-03-13 13:16:38 +00:00
Bikouo Aubin
23e94b60c1 helm - Add reuse-values when running helm diff (#683) 
helm - Add reuse-values when running helm diff

SUMMARY

closes #680

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

helm

Reviewed-by: GomathiselviS
Reviewed-by: Alina Buzachis
 2024-03-01 16:15:11 +00:00
bastienbosser
1955989278 fix(Collection's util resource discovery fails when complex subresources present #659) (#676) 
* fix(Collection's util resource discovery fails when complex subresources present #659)

* fix(add changelog fragment)

* update node image

* Create discovery.yml

* Update main.yml

---------

Co-authored-by: Bastien Bosser <bastien.bosser@eviden.com>
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2024-02-29 14:38:45 +01:00
psmolkin
7c4ec3b982 Align helmdiff_check behavior with the deploy function (#670) 
Align `helmdiff_check` behavior with the `deploy` function

SUMMARY
Align helmdiff_check behavior with the deploy function

Fixes #638
helmdiff_check respects set_values parameter
Fixes #669
helmdiff_check command line parameters sequence aligned to the deploy function

ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
kubernetes.core.helm

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2024-02-19 17:01:23 +00:00
Alina Buzachis
8d15489ec2 Remove ignore files and entries which are not useful anymore (#667) 
Remove ignore files and entries which are not useful anymore

SUMMARY

Remove ignore files and entries which are not useful anymore

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Helen Bailey <hebailey@redhat.com>
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-12-12 16:09:14 +00:00
Bikouo Aubin
3dcdcbc85d avoid unsafe condition in integration (#665) 
avoid unsafe condition in integration

SUMMARY


ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

integration tests

Reviewed-by: Helen Bailey <hebailey@redhat.com>
Reviewed-by: Alina Buzachis
 2023-12-12 07:23:09 +00:00
GomathiselviS
fe9c12326d Update main branch post 3.0.0 release (#663) 
Update main branch post 3.0.0 release

SUMMARY


ISSUE TYPE


Docs Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Bikouo Aubin
 2023-11-21 17:23:25 +00:00
Mike Graves
1a601213eb Merge pull request #660 from GomathiselviS/doc_update 
Update python kubernetes library to 24.2.0 , helm/kind-action to 1.8.0
 2023-11-16 11:51:48 -05:00
GomathiselviS
abb9e0b6d5 Change changelog type 2023-11-16 09:29:44 -05:00
GomathiselviS
bdd429981c Update version in ut 2023-11-15 15:56:13 -05:00
GomathiselviS
6956a77f8c Add changelog 2023-11-15 15:47:59 -05:00
GomathiselviS
1670e35cd8 Update python kubernetes library to 24.2.0 , helm/kind-action to 1.8.0 2023-11-15 15:43:15 -05:00
Bikouo Aubin
b44fdd3f05 helm - fix issue for helm command when chart contains space into its name (#657) 
* fix issue for helm command when chart contains space into its name
 2023-11-13 11:48:13 +01:00
GomathiselviS
b066a2dda3 Cleanup GitHub workflows (#655) 
* Cleanup gha

* test by removing matrix excludes

* Rename sanity tests

* trigger integration tests

* Fix ansible-lint workflow

* Fix concurrency

* Add ansible-lint config

* Add ansible-lint config

* Fix integration and lint issues

* integration wf

* fix yamllint issues

* fix yamllint issues

* update readme and add ignore-2.16.txt

* fix ansible-doc

* Add version

* Use /dev/random to generate random data

The GHA environment has difficultly generating entropy. Trying to read
from /dev/urandom just blocks forever. We don't care if the random data
is cryptographically secure; it's just garbage data for the test. Read
from /dev/random, instead. This is only used during the k8s_copy test
target.

This also removes the custom test module that was being used to generate
the files. It's not worth maintaining this for two task that can be
replaced with some simple command/shell tasks.

* Fix saniry errors

* test github_action fix

* Address review comments

* Remove default types

* review comments

* isort fixes

* remove tags

* Add setuptools to venv

* Test gh changes

* update changelog

* update ignore-2.16

* Fix indentation in inventory plugin example

* Update .github/workflows/integration-tests.yaml

* Update integration-tests.yaml

---------

Co-authored-by: Mike Graves <mgraves@redhat.com>
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
 2023-11-10 16:33:40 +01:00
Will Thames
9e9962bc6c Provide a mechanism to hide fields from output (#629) 
Provide a mechanism to hide fields from output

SUMMARY
The k8s and k8s_info modules can be a little noisy in verbose mode, and most of that is due to managedFields.
If we can provide a mechanism to hide managedFields, the output is a lot more useful.
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
k8s, k8s_info
ADDITIONAL INFORMATION
Before
ANSIBLE_COLLECTIONS_PATH=../../.. ansible -m k8s_info -a 'kind=ConfigMap name=hide-fields-cm namespace=hide-fields' localhost 
[WARNING]: No inventory was parsed, only implicit localhost is available
localhost | SUCCESS => {
    "api_found": true,
    "changed": false,
    "resources": [
        {
            "apiVersion": "v1",
            "data": {
                "another": "value",
                "hello": "world"
            },
            "kind": "ConfigMap",
            "metadata": {
                "annotations": {
                    "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"data\":{\"another\":\"value\",\"hello\":\"world\"},\"kind\":\"ConfigMap\",\"metadata\":{\"annotations\":{},\"name\":\"hide-fields-cm\",\"namespace\":\"hide-fields\"}}\n"
                },
                "creationTimestamp": "2023-06-13T01:47:47Z",
                "managedFields": [
                    {
                        "apiVersion": "v1",
                        "fieldsType": "FieldsV1",
                        "fieldsV1": {
                            "f:data": {
                                ".": {},
                                "f:another": {},
                                "f:hello": {}
                            },
                            "f:metadata": {
                                "f:annotations": {
                                    ".": {},
                                    "f:kubectl.kubernetes.io/last-applied-configuration": {}
                                }
                            }
                        },
                        "manager": "kubectl-client-side-apply",
                        "operation": "Update",
                        "time": "2023-06-13T01:47:47Z"
                    }
                ],
                "name": "hide-fields-cm",
                "namespace": "hide-fields",
                "resourceVersion": "2557394",
                "uid": "f233da63-6374-4079-9825-3562c0ed123c"
            }
        }
    ]
}

After
ANSIBLE_COLLECTIONS_PATH=../../.. ansible -m k8s_info -a 'kind=ConfigMap name=hide-fields-cm namespace=hide-fields hidden_fields=metadata.managedFields' localhost
[WARNING]: No inventory was parsed, only implicit localhost is available
localhost | SUCCESS => {
    "api_found": true,
    "changed": false,
    "resources": [
        {
            "apiVersion": "v1",
            "data": {
                "another": "value",
                "hello": "world"
            },
            "kind": "ConfigMap",
            "metadata": {
                "annotations": {
                    "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"data\":{\"another\":\"value\",\"hello\":\"world\"},\"kind\":\"ConfigMap\",\"metadata\":{\"annotations\":{},\"name\":\"hide-fields-cm\",\"namespace\":\"hide-fields\"}}\n"
                },
                "creationTimestamp": "2023-06-13T01:47:47Z",
                "name": "hide-fields-cm",
                "namespace": "hide-fields",
                "resourceVersion": "2557394",
                "uid": "f233da63-6374-4079-9825-3562c0ed123c"
            }
        }
    ]
}

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Will Thames
 2023-06-21 07:57:53 +00:00
Bikouo Aubin
9ca13c3799 Remove black auto formatting workflow (#632) 
Remove black auto formatting workflow

SUMMARY
We don't have a proper tool to help trigger CI when a commit is pushed on a pull request.
Remove the black/format workflow until we found a token with valid perms
ISSUE TYPE


CI

Reviewed-by: Alina Buzachis
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-06-14 16:37:56 +00:00
Bikouo Aubin
318529abaa remove references to personnal repo and add galaxy importer job (#626) 2023-06-01 13:29:15 +02:00
Bikouo Aubin
6d0a3af311 add ability to filter the list of pods to be drained by a pod label selector (#606) 
* add ability to filter the list of pods to be drained by a label selector
 2023-05-31 09:12:09 +02:00
GomathiselviS
54d8193972 Add unit and sanity tests to GHA (#614) 
* Add unit and sanity tests to GHA

Signed-off-by: GomathiselviS <gomathiselvi@gmail.com>

* Fix sanity issues

* Add sanity non voting

* Add changelog

* Fix typo

* Fix typo

* Use pytest-ansible

* Add support for pytest-ansible

---------

Signed-off-by: GomathiselviS <gomathiselvi@gmail.com>
 2023-05-17 18:47:11 +02:00
Bikouo Aubin
a624251bba CI - increase the number of integration workflow (#620) 
enable profile_tasks callback plugin for integration tests targets
 2023-05-02 19:01:04 +02:00
Mark D
869f06f1e4 Update kubernetes.core.k8s_drain_module.rst for issue #615 (#616) 
Update kubernetes.core.k8s_drain_module.rst for issue #615

SUMMARY
Quick documentation fix to the example section of the k8s_drain_module documentation to make the "force" option work. I also updated the formatting of the "grace_period" example to follow the two space formatting in the rest of the examples.
Fixes #615
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
k8s_drain_module.rst
ADDITIONAL INFORMATION
I have tested that the example works based on running ansible as shown:
# ansible --version
ansible [core 2.14.4]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.11/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.11.3 (main, Apr  5 2023, 00:00:00) [GCC 12.2.1 20221121 (Red Hat 12.2.1-4)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

Reviewed-by: Bikouo Aubin
 2023-04-21 14:06:44 +00:00
Bikouo Aubin
7919231df1 add linters github action (#613) 2023-04-17 17:44:50 +02:00
Bikouo Aubin
ea28cbaa59 CI - changelog and ansible test splitter jobs (#612) 
* ansible test splitter + changelog

* fix action name

* add integration tests

* fix tests

* add changelog

* fix ansible_test_integration action version

* add exclude for matrix

* fix step id

* remove additional libs to install

* minor updates on how splitter is called
 2023-04-17 12:25:17 +02:00
Bikouo Aubin
560e0e3d40 automated changes for black formatting (#611) 2023-04-11 14:30:36 +02:00
Bikouo Aubin
ed09047699 remove changelog auto update (#610) 
remove changelog auto update

Revert workflow
 2023-04-07 14:57:14 +00:00
Paul Voss
2d1ec22405 use post_renderer when checking 'changed' status for a helm release (#588) 
use post_renderer when checking 'changed' status for a helm release

SUMMARY

helmdiff_check needs to use --post-renderer if configured in order to detect changes correctly
idempotency still seems to work
ISSUE TYPE


Bugfix Pull Request (50%)
Feature Pull Request (50%)

COMPONENT NAME

kubernetes.core.helm
ADDITIONAL INFORMATION



- /snap/bin/helm diff upgrade myrelease some/chart --version=1.2.3 --reset-values -f=/tmp/tmpnn0rr50h.yml
+ /snap/bin/helm diff upgrade myrelease some/chart --version=1.2.3 --reset-values --post-renderer=/tmp/somescript.sh -f=/tmp/tmpnn0rr50h.yml

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-04-05 13:50:36 +00:00
Bikouo Aubin
71599e2fde Rename Github actions (#605) 2023-04-04 15:43:30 +02:00
Bikouo Aubin
8687994e9f auto push changes 
push changes on black formating or changelog
 2023-04-04 12:30:42 +02:00
Paul Voss
8640c16cd4 fix post_renderer argument breaking the helm deploy_command (#586) 
fix post_renderer arguments breaking the helm deploy_command

SUMMARY

The post_renderer setting is broken and resets the deploy_command instead of appending an argument. Diff should be self explanatory.
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

kubernetes.core.helm
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-04-03 18:46:03 +00:00
Bikouo Aubin
deb4859f19 update github action (#602) 
update github action

Update github action
 2023-03-29 10:17:44 +00:00
Bikouo Aubin
fb2af07583 PR AutoFixing via GHA (#600) 
auto commit changelog and black formatting fixes
 2023-03-29 07:55:53 +02:00
Bikouo Aubin
151ed8245f make name optional to delete all resources for the specified resource type (#517) 
make name optional to delete all resources for the specified resource type

SUMMARY

closes #504
k8s module should allow deleting all namespace resources for the specified resource type.

ISSUE TYPE


Feature Pull Request

COMPONENT NAME

k8s
ADDITIONAL INFORMATION


Delete all Pods from namespace test

- k8s:
    namespace: test
    kind: Pod
    api_version: v1
    delete_all: true
    state: absent

Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin
 2023-03-23 15:43:22 +00:00
Bikouo Aubin
09a3c837c3 [helm] add the ability for the module to uninstall pending-install releases (#589) 
[helm] add the ability for the module to uninstall pending-install releases

SUMMARY

closes #319

ISSUE TYPE


Feature Pull Request

COMPONENT NAME

helm

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin
 2023-03-06 17:07:52 +00:00
Alina Buzachis
31c1ccf962 Deprecate inventory plugin (#582) 
Deprecate inventory plugin

SUMMARY

Deprecate inventory plugin

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin
 2023-02-16 14:57:38 +00:00
Bikouo Aubin
031cc7c40d add reuse_values and reset_values support to helm module (#575) 
helm - add reuse_values and reset_values support

SUMMARY

closes #394

ISSUE TYPE


Feature Pull Request

COMPONENT NAME

helm
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-02-16 07:47:33 +00:00
schwadim
22764492d2 Pass right amount of args to ResourceTimeout (#585) 
Pass right amount of args to ResourceTimeout

SUMMARY
Pass right amount of args to ResourceTimeout
Fixes #583
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
k8s_scale
ADDITIONAL INFORMATION
ResourceTimeout constuructor does not accept variable argument length.
The passed result dict seems not to be used currently. One could also pass result["result"] or not pass result at all.

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-02-15 08:38:16 +00:00
Bikouo Aubin
3d313cf837 helm fix with release_values option set (#573) 
helm - delete temporary file created when using option release_values

SUMMARY

closes #530

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

helm
 2023-02-07 14:55:14 +00:00
Mandar Kulkarni
deaf8ee4f3 k8s_scale - handle scaling StatefulSets with 'updateStrategy=OnDelete' (#579) 
k8s_scale - handle scaling StatefulSets with 'updateStrategy=OnDelete'

SUMMARY

Likely Fixes #503

Handle scaling StatefulSets with 'updateStrategy=OnDelete'
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

k8s_scale
ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin <None>
 2023-02-06 20:04:41 +00:00
Bikouo Aubin
0f7963beb9 Release 2.4.0 (#572) (#580) 
Release 2.4.0 over main branch

SUMMARY


ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2023-02-03 13:52:08 +00:00
272 changed files with 6999 additions and 4959 deletions
Expand all files Collapse all files

6
.ansible-lint
View File

@@ -1,7 +1,9 @@
--- ---
profile: production profile: production
skip_list:
- meta-runtime[unsupported-version]
exclude_paths: exclude_paths:
- .ansible/
- .github/
- tests/integration - tests/integration
- tests/unit
- tests/sanity - tests/sanity

6
.ansible-lint-ignore Normal file
View File

@@ -0,0 +1,6 @@
# https://docs.ansible.com/ansible-lint/docs/rules/
# no-changed-when is not requried for examples
plugins/connection/kubectl.py no-changed-when
# false positive result
plugins/connection/kubectl.py var-naming[no-reserved]
plugins/connection/kubectl.py jinja[invalid]

59
.github/stale.yml vendored
View File

@@ -1,59 +0,0 @@
---
# Configuration for probot-stale - https://github.com/probot/stale
# Number of days of inactivity before an Issue or Pull Request becomes stale
daysUntilStale: 90
# Number of days of inactivity before an Issue or Pull Request with the stale
# label is closed. Set to false to disable. If disabled, issues still need to be
# closed manually, but will remain marked as stale.
daysUntilClose: 30
# Only issues or pull requests with all of these labels are check if stale.
# Defaults to `[]` (disabled)
onlyLabels: []
# Issues or Pull Requests with these labels will never be considered stale. Set
# to `[]` to disable
exemptLabels:
- security
- planned
- priority/critical
- lifecycle/frozen
- verified
# Set to true to ignore issues in a project (defaults to false)
exemptProjects: false
# Set to true to ignore issues in a milestone (defaults to false)
exemptMilestones: true
# Set to true to ignore issues with an assignee (defaults to false)
exemptAssignees: false
# Label to use when marking as stale
staleLabel: lifecycle/stale
# Limit the number of actions per hour, from 1-30. Default is 30
limitPerRun: 30
pulls:
markComment: |-
PRs go stale after 90 days of inactivity.
If there is no further activity, the PR will be closed in another 30 days.
unmarkComment: >-
This pull request is no longer stale.
closeComment: >-
This pull request has been closed due to inactivity.
issues:
markComment: |-
Issues go stale after 90 days of inactivity.
If there is no further activity, the issue will be closed in another 30 days.
unmarkComment: >-
This issue is no longer stale.
closeComment: >-
This issue has been closed due to inactivity.

16
.github/workflows/integration-tests.yaml vendored
View File

@@ -50,6 +50,7 @@ jobs:
source: "./source" source: "./source"
cloud_common: "./cloudcommon" cloud_common: "./cloudcommon"
ansible_posix: "./ansible_posix" ansible_posix: "./ansible_posix"
community_general: "./community_general"
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -61,7 +62,7 @@ jobs:
- true - true
- false - false
workflow-id: ${{ fromJson(needs.splitter.outputs.test_jobs) }} workflow-id: ${{ fromJson(needs.splitter.outputs.test_jobs) }}
name: "integration-py${{ matrix.python-version }}-${{ matrix.ansible-version }}-${{ matrix.workflow-id }}" name: "integration-py${{ matrix.python-version }}-${{ matrix.ansible-version }}-${{ matrix.workflow-id }}-enable_turbo=${{ matrix.enable-turbo-mode }}"
steps: steps:
- name: Read target - name: Read target
id: read-targets id: read-targets
@@ -118,6 +119,13 @@ jobs:
path: ${{ env.ansible_posix }} path: ${{ env.ansible_posix }}
ref: main ref: main
- name: checkout ansible-collections/community.general
uses: ansible-network/github_actions/.github/actions/checkout_dependency@main
with:
repository: ansible-collections/community.general
path: ${{ env.community_general }}
ref: main
- name: install cloud.common collection - name: install cloud.common collection
uses: ansible-network/github_actions/.github/actions/build_install_collection@main uses: ansible-network/github_actions/.github/actions/build_install_collection@main
with: with:
@@ -130,6 +138,12 @@ jobs:
install_python_dependencies: true install_python_dependencies: true
source_path: ${{ env.ansible_posix }} source_path: ${{ env.ansible_posix }}
- name: install community.general collection
uses: ansible-network/github_actions/.github/actions/build_install_collection@main
with:
install_python_dependencies: false
source_path: ${{ env.community_general }}
- name: create kubernetes cluster - name: create kubernetes cluster
uses: helm/kind-action@v1.8.0 uses: helm/kind-action@v1.8.0
with: with:

9
.github/workflows/linters.yaml vendored
View File

@@ -10,7 +10,7 @@ on:
- main - main
- stable-* - stable-*
tags: tags:
- "*" - '*'
jobs: jobs:
linters: linters:
@@ -19,6 +19,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: run-ansible-lint
- name: Run ansible-lint uses: ansible/ansible-lint@main
uses: ansible/ansible-lint@v6.21.0 with:
gh_action_ref: "v25.5.0"

1
.github/workflows/unit-tests.yaml vendored
View File

@@ -1,4 +1,3 @@
---
name: Unit tests name: Unit tests
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref }} group: ${{ github.workflow }}-${{ github.ref }}

1
.gitignore vendored
View File

@@ -13,6 +13,7 @@ changelogs/.plugin-cache.yaml
tests/output tests/output
tests/integration/cloud-config-* tests/integration/cloud-config-*
.cache .cache
.ansible
# Helm charts # Helm charts
tests/integration/*-chart-*.tgz tests/integration/*-chart-*.tgz

9
.yamllint
View File

@@ -5,16 +5,25 @@ rules:
braces: braces:
max-spaces-inside: 1 max-spaces-inside: 1
level: error level: error
brackets: brackets:
max-spaces-inside: 1 max-spaces-inside: 1
level: error level: error
comments:
min-spaces-from-content: 1
comments-indentation: false
document-start: disable document-start: disable
line-length: disable line-length: disable
truthy: disable truthy: disable
indentation: indentation:
spaces: 2 spaces: 2
indent-sequences: consistent indent-sequences: consistent
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true
ignore: | ignore: |
.cache .cache
.tox .tox
.ansible
tests/output tests/output
plugins/connection/kubectl.py

242
CHANGELOG.rst
View File

@@ -4,26 +4,258 @@ Kubernetes Collection Release Notes
.. contents:: Topics .. contents:: Topics
v2.4.2 v5.4.0
====== ======
Release Summary Release Summary
--------------- ---------------
fix resource discovery when complex subresources present This release updates the ``helm_registry_auth`` module to match the behavior of ``helm >= 3.18.0`` which reports a successful logout regardless of the current state (i.e., no idempotency).
Minor Changes
-------------
- Module ``helm_registry_auth`` does not support idempotency with ``helm >= 3.18.0`` (https://github.com/ansible-collections/kubernetes.core/pull/946)
v5.3.0
======
Release Summary
---------------
This release includes minor changes, bug fixes and also bumps ``ansible-lint`` version to ``25.1.2``.
Minor Changes
-------------
- kubernetes.core - Bump version of ``ansible-lint`` to ``25.1.2`` (https://github.com/ansible-collections/kubernetes.core/pull/919).
- action/k8s_info - update templating mechanism with changes from ``ansible-core 2.19`` (https://github.com/ansible-collections/kubernetes.core/pull/888).
- helm - add ``reset_then_reuse_values`` support to helm module (https://github.com/ansible-collections/kubernetes.core/issues/803).
- helm - add support for ``insecure_skip_tls_verify`` option to helm and ``helm_repository`` (https://github.com/ansible-collections/kubernetes.core/issues/694).
Bugfixes
--------
- module_utils/k8s/service - Fix issue when trying to delete resource using ``delete_options`` and ``check_mode=true`` (https://github.com/ansible-collections/kubernetes.core/issues/892).
v5.2.0
======
Release Summary
---------------
This release adds more functionality to the hidden_fields option and support for waiting on ClusterOperators to reach a ready state.
Minor Changes
-------------
- k8s - Extend hidden_fields to allow the expression of more complex field types to be hidden (https://github.com/ansible-collections/kubernetes.core/pull/872)
- k8s_info - Extend hidden_fields to allow the expression of more complex field types to be hidden (https://github.com/ansible-collections/kubernetes.core/pull/872)
- waiter.py - add ClusterOperator support. The module can now check OpenShift cluster health by verifying ClusterOperator status requiring 'Available: True', 'Degraded: False', and 'Progressing: False' for success. (https://github.com/ansible-collections/kubernetes.core/issues/869)
v5.1.0
======
Release Summary
---------------
This release came with new module ``helm_registry_auth``, improvements to the error messages in the k8s_drain module, new parameter ``insecure_registry`` for ``helm_template`` module and several bug fixes.
Minor Changes
-------------
- Bump version of ansible-lint to minimum 24.7.0 (https://github.com/ansible-collections/kubernetes.core/pull/765).
- Parameter insecure_registry added to helm_template as equivalent of insecure-skip-tls-verify (https://github.com/ansible-collections/kubernetes.core/pull/805).
- k8s_drain - Improve error message for pod disruption budget when draining a node (https://github.com/ansible-collections/kubernetes.core/issues/797).
Bugfixes
--------
- helm - Helm version checks did not support RC versions. They now accept any version tags. (https://github.com/ansible-collections/kubernetes.core/pull/745).
- helm_pull - Apply no_log=True to pass_credentials to silence false positive warning. (https://github.com/ansible-collections/kubernetes.core/pull/796).
- k8s_drain - Fix k8s_drain does not wait for single pod (https://github.com/ansible-collections/kubernetes.core/issues/769).
- k8s_drain - Fix k8s_drain runs into a timeout when evicting a pod which is part of a stateful set (https://github.com/ansible-collections/kubernetes.core/issues/792).
- kubeconfig option should not appear in module invocation log (https://github.com/ansible-collections/kubernetes.core/issues/782).
- kustomize - kustomize plugin fails with deprecation warnings (https://github.com/ansible-collections/kubernetes.core/issues/639).
- waiter - Fix waiting for daemonset when desired number of pods is 0. (https://github.com/ansible-collections/kubernetes.core/pull/756).
New Modules
-----------
- helm_registry_auth - Helm registry authentication module
v5.0.0
======
Release Summary
---------------
This major release drops support for ``ansible-core<2.15``.
Minor Changes
-------------
- connection/kubectl.py - Added an example of using the kubectl connection plugin to the documentation (https://github.com/ansible-collections/kubernetes.core/pull/741).
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 6.0.0 (https://github.com/ansible-collections/kubernetes.core/pull/734).
Breaking Changes / Porting Guide
--------------------------------
- Remove support for ``ansible-core<2.15`` (https://github.com/ansible-collections/kubernetes.core/pull/737).
v4.0.0
======
Release Summary
---------------
This major release brings several bug fixes. We have also removed support for ``ansible-core<2.15`` and deprecated functions and class from ``module_utils/common.py``.
Minor Changes
-------------
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 5.0 (https://github.com/ansible-collections/kubernetes.core/pull/723).
- k8s - The module and K8sService were changed so warnings returned by the K8S API are now displayed to the user.
Removed Features (previously deprecated)
----------------------------------------
- k8s - Support for ``merge_type=json`` has been removed in version 4.0.0. Please use ``kubernetes.core.k8s_json_patch`` instead (https://github.com/ansible-collections/kubernetes.core/pull/722).
- k8s_exec - the previously deprecated ``result.return_code`` return value has been removed, consider using ``result.rc`` instead (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``K8sAnsibleMixin`` class has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``configuration_digest()`` function has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``get_api_client()`` function has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``unique_string()`` function has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
Bugfixes Bugfixes
-------- --------
- Resolve Collections util resource discovery fails when complex subresources present (https://github.com/ansible-collections/kubernetes.core/pull/676). - Resolve Collections util resource discovery fails when complex subresources present (https://github.com/ansible-collections/kubernetes.core/pull/676).
- align `helmdiff_check()` function commandline rendering with the `deploy()` function (https://github.com/ansible-collections/kubernetes.core/pull/670).
- avoid unsafe conditions in integration tests (https://github.com/ansible-collections/kubernetes.core/pull/665).
- helm - use ``reuse-values`` when running ``helm diff`` command (https://github.com/ansible-collections/kubernetes.core/issues/680).
- integrations test helm_kubeconfig - set helm version to v3.10.3 to avoid incompatability with new bitnami charts (https://github.com/ansible-collections/kubernetes.core/pull/670).
v2.4.1 v3.3.1
====== ======
Release Summary Release Summary
--------------- ---------------
The kubernetes.core 2.4.1 release includes several trivial bug fixes related to code sanity. This release fixes the CI issues with the ``linters`` workflow.
v3.3.0
======
Release Summary
---------------
This release comes with improvements to the error messages in the k8s_drain module and several bug fixes.
Minor Changes
-------------
- k8s_drain - Improve error message for pod disruption budget when draining a node (https://github.com/ansible-collections/kubernetes.core/issues/797).
Bugfixes
--------
- helm - Helm version checks did not support RC versions. They now accept any version tags. (https://github.com/ansible-collections/kubernetes.core/pull/745).
- helm_pull - Apply no_log=True to pass_credentials to silence false positive warning. (https://github.com/ansible-collections/kubernetes.core/pull/796).
- k8s_drain - Fix k8s_drain does not wait for single pod (https://github.com/ansible-collections/kubernetes.core/issues/769).
- k8s_drain - Fix k8s_drain runs into a timeout when evicting a pod which is part of a stateful set (https://github.com/ansible-collections/kubernetes.core/issues/792).
- kubeconfig option should not appear in module invocation log (https://github.com/ansible-collections/kubernetes.core/issues/782).
- kustomize - kustomize plugin fails with deprecation warnings (https://github.com/ansible-collections/kubernetes.core/issues/639).
- waiter - Fix waiting for daemonset when desired number of pods is 0. (https://github.com/ansible-collections/kubernetes.core/pull/756).
v3.2.0
======
Release Summary
---------------
This release comes with documentation updates.
Minor Changes
-------------
- connection/kubectl.py - Added an example of using the kubectl connection plugin to the documentation (https://github.com/ansible-collections/kubernetes.core/pull/741).
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 5.0 (https://github.com/ansible-collections/kubernetes.core/pull/723).
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 6.0.0 (https://github.com/ansible-collections/kubernetes.core/pull/734).
v3.1.0
======
Release Summary
---------------
This release comes with some bugfixes and documentation updates. It also adds new features to the kubectl connection plugin and the kustomize lookup plugin.
Minor Changes
-------------
- kubectl - added support of local enviroment variable that will be used for kubectl and may be requried for establishing connections ifself (https://github.com/ansible-collections/kubernetes.core/pull/702)
- kustomize - new parameter added to --enable-helm (https://github.com/ansible-collections/kubernetes.core/issues/568)
Bugfixes
--------
- helm - expand kubeconfig path with user's home directory for consistency with k8s
- k8s_json_patch - rename action symlink to ensure k8s action plugin is used (https://github.com/ansible-collections/kubernetes.core/pull/652).
v3.0.1
======
Release Summary
---------------
This release fixes issue with resources discovery when complex subresources are present, and fixes issues with `reuse-values` parameter for helm module.
Bugfixes
--------
- Resolve Collections util resource discovery fails when complex subresources present (https://github.com/ansible-collections/kubernetes.core/pull/676).
- align `helmdiff_check()` function commandline rendering with the `deploy()` function (https://github.com/ansible-collections/kubernetes.core/pull/670).
- helm - use ``reuse-values`` when running ``helm diff`` command (https://github.com/ansible-collections/kubernetes.core/issues/680).
- integrations test helm_kubeconfig - set helm version to v3.10.3 to avoid incompatability with new bitnami charts (https://github.com/ansible-collections/kubernetes.core/pull/670).
v3.0.0
======
Release Summary
---------------
This major release drops support for ansible-core versions lower than 2.14, Python versions lower than 3.9 and updates python kubernetes library to 24.2.0, helm/kind-action to 1.8.0, kubernetes >= 1.24, along with bug fixes and minor changes.
Minor Changes
-------------
- helm - add ``reuse_values`` and ``reset_values`` support to helm module (https://github.com/ansible-collections/kubernetes.core/issues/394).
- k8s - add new option ``delete_all`` to support deletion of all resources when state is set to ``absent``. (https://github.com/ansible-collections/kubernetes.core/issues/504)
- k8s, k8s_info - add a hidden_fields option to allow fields to be hidden in the results of k8s and k8s_info
- k8s_drain - add ability to filter the list of pods to be drained by a pod label selector (https://github.com/ansible-collections/kubernetes.core/issues/474).
Breaking Changes / Porting Guide
--------------------------------
- Remove support for ansible-core < 2.14
- Update python kubernetes library to 24.2.0, helm/kind-action to 1.8.0, kubernetes >= 1.24.
Deprecated Features
-------------------
- k8s - the ``k8s`` inventory plugin has been deprecated and will be removed in release 4.0.0 (https://github.com/ansible-collections/kubernetes.core/issues/31).
Bugfixes
--------
- helm - Put the chart_ref into quotes when running ``helm show chart``, ``helm upgrade`` and ``helm dependency update`` commands (https://github.com/ansible-collections/kubernetes.core/issues/653).
- helm - delete temporary file created when deploying chart with option ``release_values`` set (https://github.com/ansible-collections/kubernetes.core/issues/530).
- helm - fix issue occurring when uninstalling chart with statues others than ``deployed`` (https://github.com/ansible-collections/kubernetes.core/issues/319).
- helm - fix post_renderer argument breaking the helm deploy_command (https://github.com/ansible-collections/kubernetes.core/pull/586).
- helm - use post_renderer when checking ``changed`` status for a helm release (https://github.com/ansible-collections/kubernetes.core/pull/588).
- k8s_scale - clean handling of ResourceTimeout exception (https://github.com/ansible-collections/kubernetes.core/issues/583).
- k8s_scale - fix issue when scaling StatefulSets with ``updateStrategy=OnDelete`` (https://github.com/ansible-collections/kubernetes.core/issues/579).
v2.4.0 v2.4.0
====== ======
@@ -116,7 +348,7 @@ v2.3.1
Bugfixes Bugfixes
-------- --------
- Catch exception raised when the process is waiting for resources (https://github.com/ansible-collections/kubernetes.core/issues/407). - Catch expectation raised when the process is waiting for resources (https://github.com/ansible-collections/kubernetes.core/issues/407).
- Remove `omit` placeholder when defining resource using template parameter (https://github.com/ansible-collections/kubernetes.core/issues/431). - Remove `omit` placeholder when defining resource using template parameter (https://github.com/ansible-collections/kubernetes.core/issues/431).
- k8s - fix the issue when trying to delete resources using label_selectors options (https://github.com/ansible-collections/kubernetes.core/issues/433). - k8s - fix the issue when trying to delete resources using label_selectors options (https://github.com/ansible-collections/kubernetes.core/issues/433).
- k8s_cp - fix issue when using parameter local_path with file on managed node. (https://github.com/ansible-collections/kubernetes.core/issues/421). - k8s_cp - fix issue when using parameter local_path with file on managed node. (https://github.com/ansible-collections/kubernetes.core/issues/421).

10
CONTRIBUTING.md
View File

@@ -48,7 +48,7 @@ Where modules have multiple parameters we recommend running through the 4-step m
For general information on running the integration tests see the For general information on running the integration tests see the
[Integration Tests page of the Module Development Guide](https://docs.ansible.com/ansible/devel/dev_guide/testing_integration.html#testing-integration), [Integration Tests page of the Module Development Guide](https://docs.ansible.com/ansible/devel/dev_guide/testing_integration.html#testing-integration),
especially the section on configuration for cloud tests. For questions about writing tests the Ansible Kubernetes community can be found on Libera.Chat IRC as detailed below. especially the section on configuration for cloud tests.
### Updating documentation ### Updating documentation
@@ -70,11 +70,3 @@ Review the changes and create a pull request using updated files.
The `kubernetes.core` collection follows the Ansible project's The `kubernetes.core` collection follows the Ansible project's
[Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). [Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html).
Please read and familiarize yourself with this document. Please read and familiarize yourself with this document.
### IRC
Our IRC channels may require you to register your nickname. If you receive an error when you connect, see
[Libera.Chat's Nickname Registration guide](https://libera.chat/guides/registration) for instructions.
The `#ansible-kubernetes` channel on [libera.chat](https://libera.chat/) IRC is the main and official place to discuss use and development of the `kubernetes.core` collection.
For more information about Ansible's Kubernetes integration, browse the resources in the [Kubernetes Working Group](https://github.com/ansible/community/wiki/Kubernetes) Community wiki page.

2
Makefile
View File

@@ -1,5 +1,5 @@
# Also needs to be updated in galaxy.yml # Also needs to be updated in galaxy.yml
VERSION = 2.4.1 VERSION = 5.4.0
TEST_ARGS ?= "" TEST_ARGS ?= ""
PYTHON_VERSION ?= `python -c 'import platform; print(".".join(platform.python_version_tuple()[0:2]))'` PYTHON_VERSION ?= `python -c 'import platform; print(".".join(platform.python_version_tuple()[0:2]))'`

87
README.md
View File

@@ -1,15 +1,29 @@
# Kubernetes Collection for Ansible # Kubernetes Collection for Ansible
[![CI](https://github.com/ansible-collections/kubernetes.core/workflows/CI/badge.svg?event=push)](https://github.com/ansible-collections/kubernetes.core/actions) [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/kubernetes.core)](https://codecov.io/gh/ansible-collections/kubernetes.core)
This repository hosts the `kubernetes.core` (formerly known as `community.kubernetes`) Ansible Collection. This repository hosts the `kubernetes.core` (formerly known as `community.kubernetes`) Ansible Collection.
## Description
The collection includes a variety of Ansible content to help automate the management of applications in Kubernetes and OpenShift clusters, as well as the provisioning and maintenance of clusters themselves. The collection includes a variety of Ansible content to help automate the management of applications in Kubernetes and OpenShift clusters, as well as the provisioning and maintenance of clusters themselves.
<!--start requires_ansible--> ## Communication
## Ansible version compatibility
This collection has been tested against following Ansible versions: **>=2.9.17**. * Join the Ansible forum:
* [Get Help](https://forum.ansible.com/c/help/6): get help or help others.
* [Posts tagged with 'kubernetes'](https://forum.ansible.com/tag/kubernetes): subscribe to participate in collection-related conversations.
* [Social Spaces](https://forum.ansible.com/c/chat/4): gather and interact with fellow enthusiasts.
* [News & Announcements](https://forum.ansible.com/c/news/5): track project-wide announcements including social events.
* The Ansible [Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes.
For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html).
## Requirements
<!--start requires_ansible-->
## Ansible Version Compatibility
This collection has been tested against following Ansible versions: **>=2.15.0**.
For collections that support Ansible 2.9, please ensure you update your `network_os` to use the For collections that support Ansible 2.9, please ensure you update your `network_os` to use the
fully qualified collection name (for example, `cisco.ios.ios`). fully qualified collection name (for example, `cisco.ios.ios`).
@@ -18,37 +32,37 @@ A collection may contain metadata that identifies these versions.
PEP440 is the schema used to describe the versions of Ansible. PEP440 is the schema used to describe the versions of Ansible.
<!--end requires_ansible--> <!--end requires_ansible-->
## Python Support ### Python Support
* Collection supports 3.6+ * Collection supports 3.9+
Note: Python2 is deprecated from [1st January 2020](https://www.python.org/doc/sunset-python-2/). Please switch to Python3. Note: Python2 is deprecated from [1st January 2020](https://www.python.org/doc/sunset-python-2/). Please switch to Python3.
## Kubernetes Version Support ### Kubernetes Version Support
This collection supports Kubernetes versions >=1.19. This collection supports Kubernetes versions >= 1.24.
## Included content ### Included Content
Click on the name of a plugin or module to view that content's documentation: Click on the name of a plugin or module to view that content's documentation:
<!--start collection content--> <!--start collection content-->
### Connection plugins ### Connection Plugins
Name | Description Name | Description
--- | --- --- | ---
[kubernetes.core.kubectl](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.kubectl_connection.rst)|Execute tasks in pods running on Kubernetes. [kubernetes.core.kubectl](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.kubectl_connection.rst)|Execute tasks in pods running on Kubernetes.
### K8s filter plugins ### K8s filter Plugins
Name | Description Name | Description
--- | --- --- | ---
kubernetes.core.k8s_config_resource_name|Generate resource name for the given resource of type ConfigMap, Secret kubernetes.core.k8s_config_resource_name|Generate resource name for the given resource of type ConfigMap, Secret
### Inventory plugins ### Inventory Plugins
Name | Description Name | Description
--- | --- --- | ---
[kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_inventory.rst)|Kubernetes (K8s) inventory source [kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_inventory.rst)|Kubernetes (K8s) inventory source
### Lookup plugins ### Lookup Plugins
Name | Description Name | Description
--- | --- --- | ---
[kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_lookup.rst)|Query the K8s API [kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_lookup.rst)|Query the K8s API
@@ -62,6 +76,7 @@ Name | Description
[kubernetes.core.helm_plugin](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_plugin_module.rst)|Manage Helm plugins [kubernetes.core.helm_plugin](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_plugin_module.rst)|Manage Helm plugins
[kubernetes.core.helm_plugin_info](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_plugin_info_module.rst)|Gather information about Helm plugins [kubernetes.core.helm_plugin_info](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_plugin_info_module.rst)|Gather information about Helm plugins
[kubernetes.core.helm_pull](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_pull_module.rst)|download a chart from a repository and (optionally) unpack it in local directory. [kubernetes.core.helm_pull](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_pull_module.rst)|download a chart from a repository and (optionally) unpack it in local directory.
[kubernetes.core.helm_registry_auth](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_registry_auth_module.rst)|Helm registry authentication module
[kubernetes.core.helm_repository](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_repository_module.rst)|Manage Helm repositories. [kubernetes.core.helm_repository](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_repository_module.rst)|Manage Helm repositories.
[kubernetes.core.helm_template](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_template_module.rst)|Render chart templates [kubernetes.core.helm_template](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_template_module.rst)|Render chart templates
[kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_module.rst)|Manage Kubernetes (K8s) objects [kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_module.rst)|Manage Kubernetes (K8s) objects
@@ -79,9 +94,7 @@ Name | Description
<!--end collection content--> <!--end collection content-->
## Installation and Usage ## Installation
### Installing the Collection from Ansible Galaxy
Before using the Kubernetes collection, you need to install it with the Ansible Galaxy CLI: Before using the Kubernetes collection, you need to install it with the Ansible Galaxy CLI:
@@ -93,7 +106,7 @@ You can also include it in a `requirements.yml` file and install it via `ansible
--- ---
collections: collections:
- name: kubernetes.core - name: kubernetes.core
version: 2.4.1 version: 5.4.0
``` ```
### Installing the Kubernetes Python Library ### Installing the Kubernetes Python Library
@@ -102,7 +115,7 @@ Content in this collection requires the [Kubernetes Python client](https://pypi.
pip3 install kubernetes pip3 install kubernetes
### Using modules from the Kubernetes Collection in your playbooks ## Use Cases
It's preferable to use content in this collection using their Fully Qualified Collection Namespace (FQCN), for example `kubernetes.core.k8s_info`: It's preferable to use content in this collection using their Fully Qualified Collection Namespace (FQCN), for example `kubernetes.core.k8s_info`:
@@ -170,7 +183,7 @@ If upgrading older playbooks which were built prior to Ansible 2.10 and this col
For documentation on how to use individual modules and other content included in this collection, please see the links in the 'Included content' section earlier in this README. For documentation on how to use individual modules and other content included in this collection, please see the links in the 'Included content' section earlier in this README.
## Ansible Turbo mode Tech Preview ## Ansible Turbo Mode Tech Preview
The ``kubernetes.core`` collection supports Ansible Turbo mode as a tech preview via the ``cloud.common`` collection. By default, this feature is disabled. To enable Turbo mode for modules, set the environment variable `ENABLE_TURBO_MODE=1` on the managed node. For example: The ``kubernetes.core`` collection supports Ansible Turbo mode as a tech preview via the ``cloud.common`` collection. By default, this feature is disabled. To enable Turbo mode for modules, set the environment variable `ENABLE_TURBO_MODE=1` on the managed node. For example:
@@ -189,12 +202,16 @@ defined in the playbook using `environment` keyword as above, you must set it us
Please read more about Ansible Turbo mode - [here](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/ansible_turbo_mode.rst). Please read more about Ansible Turbo mode - [here](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/ansible_turbo_mode.rst).
## Testing and Development ## Contributing to this Collection
If you want to develop new content for this collection or improve what's already here, the easiest way to work on the collection is to clone it into one of the configured [`COLLECTIONS_PATHS`](https://docs.ansible.com/ansible/latest/reference_appendices/config.html#collections-paths), and work on it there. If you want to develop new content for this collection or improve what's already here, the easiest way to work on the collection is to clone it into one of the configured [`COLLECTIONS_PATHS`](https://docs.ansible.com/ansible/latest/reference_appendices/config.html#collections-paths), and work on it there.
See [Contributing to kubernetes.core](CONTRIBUTING.md). See [Contributing to kubernetes.core](CONTRIBUTING.md).
## Testing
[![Linters](https://img.shields.io/github/actions/workflow/status/ansible-collections/kubernetes.core/linters.yaml?label=linters)](https://github.com/ansible-collections/kubernetes.core/actions/workflows/linters.yaml) [![Integration tests](https://img.shields.io/github/actions/workflow/status/ansible-collections/kubernetes.core/integration-tests.yaml?label=integration%20tests)](https://github.com/ansible-collections/kubernetes.core/actions/workflows/integration-tests.yaml) [![Sanity tests](https://img.shields.io/github/actions/workflow/status/ansible-collections/kubernetes.core/sanity-tests.yaml?label=sanity%20tests)](https://github.com/ansible-collections/kubernetes.core/actions/workflows/sanity-tests.yaml) [![Unit tests](https://img.shields.io/github/actions/workflow/status/ansible-collections/kubernetes.core/unit-tests.yaml?label=unit%20tests)](https://github.com/ansible-collections/kubernetes.core/actions/workflows/unit-tests.yaml) [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/kubernetes.core)](https://app.codecov.io/gh/ansible-collections/kubernetes.core)
### Testing with `ansible-test` ### Testing with `ansible-test`
The `tests` directory contains configuration for running sanity and integration tests using [`ansible-test`](https://docs.ansible.com/ansible/latest/dev_guide/testing_integration.html). The `tests` directory contains configuration for running sanity and integration tests using [`ansible-test`](https://docs.ansible.com/ansible/latest/dev_guide/testing_integration.html).
@@ -231,9 +248,33 @@ After the version is published, verify it exists on the [Kubernetes Collection G
The process for uploading a supported release to Automation Hub is documented separately. The process for uploading a supported release to Automation Hub is documented separately.
## More Information ## Support
<!--List available communication channels. In addition to channels specific to your collection, we also recommend to use the following ones.-->
> **Note:** The `stable-4` branch, which handles all `4.x.y` releases of this collection, is no longer supported. This means that no backports nor releases will be performed on the `stable-4` branch.
We announce releases and important changes through Ansible's [The Bullhorn newsletter](https://github.com/ansible/community/wiki/News#the-bullhorn). Be sure you are [subscribed](https://eepurl.com/gZmiEP).
We take part in the global quarterly [Ansible Contributor Summit](https://github.com/ansible/community/wiki/Contributor-Summit) virtually or in-person. Track [The Bullhorn newsletter](https://eepurl.com/gZmiEP) and join us.
For more information about communication, refer to the [Ansible Communication guide](https://docs.ansible.com/ansible/devel/community/communication.html).
For the latest supported versions, refer to the release notes below.
If you encounter issues or have questions, you can submit a support request through the following channels:
- GitHub Issues: Report bugs, request features, or ask questions by opening an issue in the [GitHub repository]((https://github.com/ansible-collections/kubernetes.core/).
## Release Notes
See the [raw generated changelog](https://github.com/ansible-collections/kubernetes.core/blob/main/CHANGELOG.rst).
## Code of Conduct
We follow the [Ansible Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html) in all our interactions within this project.
If you encounter abusive behavior, please refer to the [policy violations](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html#policy-violations) section of the Code for information on how to raise a complaint.
For more information about Ansible's Kubernetes integration, join the `#ansible-kubernetes` channel on [libera.chat](https://libera.chat/) IRC, and browse the resources in the [Kubernetes Working Group](https://github.com/ansible/community/wiki/Kubernetes) Community wiki page.
## License ## License

293
changelogs/changelog.yaml
View File

@@ -762,20 +762,297 @@ releases:
name: helm_pull name: helm_pull
namespace: '' namespace: ''
release_date: '2023-01-24' release_date: '2023-01-24'
2.4.1: 3.0.0:
changes: changes:
release_summary: The kubernetes.core 2.4.1 release includes several trivial breaking_changes:
bug fixes related to sanity. - Remove support for ansible-core < 2.14
- Update python kubernetes library to 24.2.0, helm/kind-action to 1.8.0, kubernetes
>= 1.24.
bugfixes:
- helm - Put the chart_ref into quotes when running ``helm show chart``, ``helm
upgrade`` and ``helm dependency update`` commands (https://github.com/ansible-collections/kubernetes.core/issues/653).
- helm - delete temporary file created when deploying chart with option ``release_values``
set (https://github.com/ansible-collections/kubernetes.core/issues/530).
- helm - fix issue occurring when uninstalling chart with statues others than
``deployed`` (https://github.com/ansible-collections/kubernetes.core/issues/319).
- helm - fix post_renderer argument breaking the helm deploy_command (https://github.com/ansible-collections/kubernetes.core/pull/586).
- helm - use post_renderer when checking ``changed`` status for a helm release
(https://github.com/ansible-collections/kubernetes.core/pull/588).
- k8s_scale - clean handling of ResourceTimeout exception (https://github.com/ansible-collections/kubernetes.core/issues/583).
- k8s_scale - fix issue when scaling StatefulSets with ``updateStrategy=OnDelete``
(https://github.com/ansible-collections/kubernetes.core/issues/579).
deprecated_features:
- k8s - the ``k8s`` inventory plugin has been deprecated and will be removed
in release 4.0.0 (https://github.com/ansible-collections/kubernetes.core/issues/31).
minor_changes:
- helm - add ``reuse_values`` and ``reset_values`` support to helm module (https://github.com/ansible-collections/kubernetes.core/issues/394).
- k8s - add new option ``delete_all`` to support deletion of all resources when
state is set to ``absent``. (https://github.com/ansible-collections/kubernetes.core/issues/504)
- k8s, k8s_info - add a hidden_fields option to allow fields to be hidden in
the results of k8s and k8s_info
- k8s_drain - add ability to filter the list of pods to be drained by a pod
label selector (https://github.com/ansible-collections/kubernetes.core/issues/474).
release_summary: This major release drops support for ansible-core versions
lower than 2.14, Python versions lower than 3.9 and updates python kubernetes
library to 24.2.0, helm/kind-action to 1.8.0, kubernetes >= 1.24, along with
bug fixes and minor changes.
fragments: fragments:
- fix_sanity_errors.yml - 20230206-deprecate-k8s-inventory.yml
release_date: '2024-02-06' - 20231110-helm-quote-ref.yaml
2.4.2: - 517-k8s-make-name-optional.yaml
- 575-helm-add-support-for-reuse_values-and-reset_values.yml
- 579-k8s_scale-fix-issue-with-scaling-statefulsets.yml
- 583-k8s_scale-clean-handling-of-ResourceTimeout-exception.yaml
- 586-helm-fix-post-renderer-arg.yml
- 588-helm-use-post-renderer-for-helmdiff.yml
- 589-helm-uninstall-chart-releases-with-statuses-different-than-deployed.yaml
- 606-k8s_drain-add-pod_selectors-parameter.yaml
- 612-fix-helm-tests.yaml
- 629-add-hidden-fields-option.yaml
- gha-sanity-fixes.yaml
- helm-delete-temporary-file-created-when-using-option-release_values.yaml
- remove_ansible_2_13.yaml
- update_supported_versions.yaml
release_date: '2023-11-17'
3.0.1:
changes: changes:
bugfixes: bugfixes:
- Resolve Collections util resource discovery fails when complex subresources - Resolve Collections util resource discovery fails when complex subresources
present (https://github.com/ansible-collections/kubernetes.core/pull/676). present (https://github.com/ansible-collections/kubernetes.core/pull/676).
release_summary: fix resource discovery when complex subresources present - align `helmdiff_check()` function commandline rendering with the `deploy()`
function (https://github.com/ansible-collections/kubernetes.core/pull/670).
- helm - use ``reuse-values`` when running ``helm diff`` command (https://github.com/ansible-collections/kubernetes.core/issues/680).
- integrations test helm_kubeconfig - set helm version to v3.10.3 to avoid incompatability
with new bitnami charts (https://github.com/ansible-collections/kubernetes.core/pull/670).
release_summary: This release fixes issue with resources discovery when complex
subresources are present, and fixes issues with `reuse-values` parameter for
helm module.
fragments: fragments:
- 2.4.2.yml - 20240117-fix-helm-diff-cmd-line-rendering.yml
- 20240222-Collections-util-resource-discovery-fails-when-complex-subresources-present.yml - 20240222-Collections-util-resource-discovery-fails-when-complex-subresources-present.yml
- 20240228-fix-helm-diff-with-reuse-values.yml
- 3.0.1.yml
release_date: '2024-03-01' release_date: '2024-03-01'
3.1.0:
changes:
bugfixes:
- helm - expand kubeconfig path with user's home directory for consistency with
k8s
- k8s_json_patch - rename action symlink to ensure k8s action plugin is used
(https://github.com/ansible-collections/kubernetes.core/pull/652).
minor_changes:
- kubectl - added support of local enviroment variable that will be used for
kubectl and may be requried for establishing connections ifself (https://github.com/ansible-collections/kubernetes.core/pull/702)
- kustomize - new parameter added to --enable-helm (https://github.com/ansible-collections/kubernetes.core/issues/568)
release_summary: This release comes with some bugfixes and documentation updates.
It also adds new features to the kubectl connection plugin and the kustomize
lookup plugin.
fragments:
- 20240426-add-support-of-kubectl-local-env-vars-for-connection-plugin.yml
- 3.1.0.yml
- 592-kustomize-helm-support.yml
- 652-fix-json-patch-action.yml
- 654-helm-expand-user.yml
release_date: '2024-05-16'
3.2.0:
changes:
minor_changes:
- connection/kubectl.py - Added an example of using the kubectl connection plugin
to the documentation (https://github.com/ansible-collections/kubernetes.core/pull/741).
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 5.0 (https://github.com/ansible-collections/kubernetes.core/pull/723).
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 6.0.0
(https://github.com/ansible-collections/kubernetes.core/pull/734).
release_summary: This release comes with documentation updates.
fragments:
- 20240530-defer-removal-and-ansible-core-support-update.yaml
- 20240601-doc-example-of-using-kubectl.yaml
- 3.2.0.yml
- inventory-update_removal_date.yml
release_date: '2024-06-14'
3.3.0:
changes:
bugfixes:
- helm - Helm version checks did not support RC versions. They now accept any
version tags. (https://github.com/ansible-collections/kubernetes.core/pull/745).
- helm_pull - Apply no_log=True to pass_credentials to silence false positive
warning. (https://github.com/ansible-collections/kubernetes.core/pull/796).
- k8s_drain - Fix k8s_drain does not wait for single pod (https://github.com/ansible-collections/kubernetes.core/issues/769).
- k8s_drain - Fix k8s_drain runs into a timeout when evicting a pod which is
part of a stateful set (https://github.com/ansible-collections/kubernetes.core/issues/792).
- kubeconfig option should not appear in module invocation log (https://github.com/ansible-collections/kubernetes.core/issues/782).
- kustomize - kustomize plugin fails with deprecation warnings (https://github.com/ansible-collections/kubernetes.core/issues/639).
- waiter - Fix waiting for daemonset when desired number of pods is 0. (https://github.com/ansible-collections/kubernetes.core/pull/756).
minor_changes:
- k8s_drain - Improve error message for pod disruption budget when draining
a node (https://github.com/ansible-collections/kubernetes.core/issues/797).
release_summary: This release comes with improvements to the error messages
in the k8s_drain module and several bug fixes.
fragments:
- 20240530-ansible-core-support-update.yaml
- 20240611-helm-rc-version.yaml
- 20240620-fix-kustomize-plugin-fails-with-deprecation-warnings.yml
- 20241102-fix-ci-post-2.18-issue.yaml
- 20241213-kubeconfig-set-no_log-true.yaml
- 756-fix-daemonset-waiting.yaml
- 770-fix-k8s-drain-doesnt-wait-for-single-pod.yaml
- 793-fix-k8s-drain-runs-into-timeout.yaml
- 796-false-positive-helmull.yaml
- 798-drain-pdb-error-message.yaml
- readme_template_update.yml
release_date: '2025-01-20'
3.3.1:
changes:
release_summary: This release fixes the CI issues with the ``linters`` workflow.
fragments:
- release_summary.yml
release_date: '2025-03-26'
4.0.0:
changes:
bugfixes:
- Resolve Collections util resource discovery fails when complex subresources
present (https://github.com/ansible-collections/kubernetes.core/pull/676).
- align `helmdiff_check()` function commandline rendering with the `deploy()`
function (https://github.com/ansible-collections/kubernetes.core/pull/670).
- avoid unsafe conditions in integration tests (https://github.com/ansible-collections/kubernetes.core/pull/665).
- helm - use ``reuse-values`` when running ``helm diff`` command (https://github.com/ansible-collections/kubernetes.core/issues/680).
- integrations test helm_kubeconfig - set helm version to v3.10.3 to avoid incompatability
with new bitnami charts (https://github.com/ansible-collections/kubernetes.core/pull/670).
minor_changes:
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 5.0 (https://github.com/ansible-collections/kubernetes.core/pull/723).
- k8s - The module and K8sService were changed so warnings returned by the K8S
API are now displayed to the user.
release_summary: This major release brings several bug fixes. We have also removed
support for ``ansible-core<2.15`` and deprecated functions and class from
``module_utils/common.py``.
removed_features:
- k8s - Support for ``merge_type=json`` has been removed in version 4.0.0. Please
use ``kubernetes.core.k8s_json_patch`` instead (https://github.com/ansible-collections/kubernetes.core/pull/722).
- k8s_exec - the previously deprecated ``result.return_code`` return value has
been removed, consider using ``result.rc`` instead (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``K8sAnsibleMixin`` class
has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``configuration_digest()``
function has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``get_api_client()`` function
has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
- module_utils/common.py - the previously deprecated ``unique_string()`` function
has been removed (https://github.com/ansible-collections/kubernetes.core/pull/726).
fragments:
- 20231206-fix-unsafe-condition-in-integration.yml
- 20240117-fix-helm-diff-cmd-line-rendering.yml
- 20240222-Collections-util-resource-discovery-fails-when-complex-subresources-present.yml
- 20240228-fix-helm-diff-with-reuse-values.yml
- 20240423-k8s-display-warnings-to-users.yml
- 4.0.0.yaml
- inventory-update_removal_date.yml
- k8s-merge_type-removed.yml
- module_utils-common-remove-deprecated-functions-and-class.yaml
release_date: '2024-05-24'
5.0.0:
changes:
breaking_changes:
- Remove support for ``ansible-core<2.15`` (https://github.com/ansible-collections/kubernetes.core/pull/737).
minor_changes:
- connection/kubectl.py - Added an example of using the kubectl connection plugin
to the documentation (https://github.com/ansible-collections/kubernetes.core/pull/741).
- inventory/k8s.py - Defer removal of k8s inventory plugin to version 6.0.0
(https://github.com/ansible-collections/kubernetes.core/pull/734).
release_summary: This major release drops support for ``ansible-core<2.15``.
fragments:
- 20240530-ansible-core-support-update.yaml
- 20240530-defer-removal-and-ansible-core-support-update.yaml
- 5.0.0.yml
release_date: '2024-05-31'
5.1.0:
changes:
bugfixes:
- helm - Helm version checks did not support RC versions. They now accept any
version tags. (https://github.com/ansible-collections/kubernetes.core/pull/745).
- helm_pull - Apply no_log=True to pass_credentials to silence false positive
warning. (https://github.com/ansible-collections/kubernetes.core/pull/796).
- k8s_drain - Fix k8s_drain does not wait for single pod (https://github.com/ansible-collections/kubernetes.core/issues/769).
- k8s_drain - Fix k8s_drain runs into a timeout when evicting a pod which is
part of a stateful set (https://github.com/ansible-collections/kubernetes.core/issues/792).
- kubeconfig option should not appear in module invocation log (https://github.com/ansible-collections/kubernetes.core/issues/782).
- kustomize - kustomize plugin fails with deprecation warnings (https://github.com/ansible-collections/kubernetes.core/issues/639).
- waiter - Fix waiting for daemonset when desired number of pods is 0. (https://github.com/ansible-collections/kubernetes.core/pull/756).
minor_changes:
- Bump version of ansible-lint to minimum 24.7.0 (https://github.com/ansible-collections/kubernetes.core/pull/765).
- Parameter insecure_registry added to helm_template as equivalent of insecure-skip-tls-verify
(https://github.com/ansible-collections/kubernetes.core/pull/805).
- k8s_drain - Improve error message for pod disruption budget when draining
a node (https://github.com/ansible-collections/kubernetes.core/issues/797).
release_summary: This release came with new module ``helm_registry_auth``, improvements
to the error messages in the k8s_drain module, new parameter ``insecure_registry``
for ``helm_template`` module and several bug fixes.
fragments:
- 0-readme.yml
- 20240601-doc-example-of-using-kubectl.yaml
- 20240611-helm-rc-version.yaml
- 20240620-fix-kustomize-plugin-fails-with-deprecation-warnings.yml
- 20241102-fix-ci-post-2.18-issue.yaml
- 20241103-completly-remove-obsolate-communication-channel.yaml
- 20241207-add-insecure-skip-tls-verify-to-helm-template.yaml
- 20241213-kubeconfig-set-no_log-true.yaml
- 756-fix-daemonset-waiting.yaml
- 765-bump-ansible-lint-version.yml
- 770-fix-k8s-drain-doesnt-wait-for-single-pod.yaml
- 793-fix-k8s-drain-runs-into-timeout.yaml
- 796-false-positive-helmull.yaml
- 798-drain-pdb-error-message.yaml
- readme_template_update.yml
modules:
- description: Helm registry authentication module
name: helm_registry_auth
namespace: ''
release_date: '2025-01-20'
5.2.0:
changes:
minor_changes:
- k8s - Extend hidden_fields to allow the expression of more complex field types
to be hidden (https://github.com/ansible-collections/kubernetes.core/pull/872)
- k8s_info - Extend hidden_fields to allow the expression of more complex field
types to be hidden (https://github.com/ansible-collections/kubernetes.core/pull/872)
- 'waiter.py - add ClusterOperator support. The module can now check OpenShift
cluster health by verifying ClusterOperator status requiring ''Available:
True'', ''Degraded: False'', and ''Progressing: False'' for success. (https://github.com/ansible-collections/kubernetes.core/issues/869)'
release_summary: This release adds more functionality to the hidden_fields option
and support for waiting on ClusterOperators to reach a ready state.
fragments:
- 5.2.0.yml
- 643-extend-hidden-fields.yaml
- 879-clusteroperator-waiter.py.yaml
release_date: '2025-03-27'
5.3.0:
changes:
bugfixes:
- module_utils/k8s/service - fix issue when trying to delete resource using
`delete_options` and `check_mode=true` (https://github.com/ansible-collections/kubernetes.core/issues/892).
minor_changes:
- kubernetes.core - Bump version of ``ansible-lint`` to ``25.1.2`` (https://github.com/ansible-collections/kubernetes.core/pull/919).
- action/k8s_info - update templating mechanism with changes from ``ansible-core
2.19`` (https://github.com/ansible-collections/kubernetes.core/pull/888).
- helm - add ``reset_then_reuse_values`` support to helm module (https://github.com/ansible-collections/kubernetes.core/issues/803).
- helm - add support for ``insecure_skip_tls_verify`` option to helm and ``helm_repository`` (https://github.com/ansible-collections/kubernetes.core/issues/694).
release_summary: This release includes minor changes, bug fixes and also bumps
``ansible-lint`` version to ``25.1.2``.
fragments:
- 20250324-k8s_info-templating.yaml
- 5.3.0.yml
- 694-add-insecure-skip-tls-verify.yml
- 800-helm-add-reset_then_reuse_values-support.yml
- 898-k8s-dont-delete-in-check-mode.yaml
- 919-update-ansible-lint-version.yaml
release_date: '2025-05-16'
5.4.0:
changes:
minor_changes:
- Module ``helm_registry_auth`` does not support idempotency with ``helm >= 3.18.0``
(https://github.com/ansible-collections/kubernetes.core/pull/946).
release_summary: This release updates the ``helm_registry_auth`` module to match the behavior of ``helm >= 3.18.0`` which reports a successful logout regardless of the current state (i.e., no idempotency).
fragments:
- 20250411-kubeconfig-no_log-revert.yaml
- 20250503-fix-unit-tests.yml
- 20250605-fix-helm_registry_auth-integration_test.yaml
- 5.4.0.yml
release_date: '2025-08-12'

32
changelogs/config.yaml
View File

@@ -10,21 +10,21 @@ notesdir: fragments
prelude_section_name: release_summary prelude_section_name: release_summary
prelude_section_title: Release Summary prelude_section_title: Release Summary
sections: sections:
- - major_changes - - major_changes
- Major Changes - Major Changes
- - minor_changes - - minor_changes
- Minor Changes - Minor Changes
- - breaking_changes - - breaking_changes
- Breaking Changes / Porting Guide - Breaking Changes / Porting Guide
- - deprecated_features - - deprecated_features
- Deprecated Features - Deprecated Features
- - removed_features - - removed_features
- Removed Features (previously deprecated) - Removed Features (previously deprecated)
- - security_fixes - - security_fixes
- Security Fixes - Security Fixes
- - bugfixes - - bugfixes
- Bugfixes - Bugfixes
- - known_issues - - known_issues
- Known Issues - Known Issues
title: Kubernetes Collection title: Kubernetes Collection
trivial_section_name: trivial trivial_section_name: trivial

3
changelogs/fragments/654-helm-expand-user.yml
View File

@@ -1,3 +0,0 @@
---
bugfixes:
- helm - expand kubeconfig path with user's home directory for consistency with k8s

112
docs/kubernetes.core.helm_info_module.rst
View File

@@ -105,6 +105,27 @@ Parameters
<div style="font-size: small; color: darkgreen"><br/>aliases: kube_context</div> <div style="font-size: small; color: darkgreen"><br/>aliases: kube_context</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>get_all_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Set to <code>True</code> if you want to get all (computed) values of the release.</div>
<div>When <code>False</code> (default), only user supplied values are returned.</div>
</td>
</tr>
<tr> <tr>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -127,7 +148,7 @@ Parameters
<b>kubeconfig</b> <b>kubeconfig</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">path</span> <span style="color: purple">raw</span>
</div> </div>
</td> </td>
<td> <td>
@@ -135,6 +156,7 @@ Parameters
<td> <td>
<div>Helm option to specify kubeconfig path to use.</div> <div>Helm option to specify kubeconfig path to use.</div>
<div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div> <div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div>
<div>The configuration can be provided as dictionary. Added in version 2.4.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div> <div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div>
</td> </td>
</tr> </tr>
@@ -172,6 +194,32 @@ Parameters
<div style="font-size: small; color: darkgreen"><br/>aliases: namespace</div> <div style="font-size: small; color: darkgreen"><br/>aliases: namespace</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td>
<td>
<div>Show releases as per their states.</div>
<div>Default value is <code>deployed</code> and <code>failed</code>.</div>
<div>If set to <code>all</code>, show all releases without any filter applied.</div>
<div>If set to <code>deployed</code>, show deployed releases.</div>
<div>If set to <code>failed</code>, show failed releases.</div>
<div>If set to <code>pending</code>, show pending releases.</div>
<div>If set to <code>superseded</code>, show superseded releases.</div>
<div>If set to <code>uninstalled</code>, show uninstalled releases, if <code>helm uninstall --keep-history</code> was used.</div>
<div>If set to <code>uninstalling</code>, show releases that are currently being uninstalled.</div>
</td>
</tr>
<tr> <tr>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -204,11 +252,18 @@ Examples
.. code-block:: yaml .. code-block:: yaml
- name: Deploy latest version of Grafana chart inside monitoring namespace - name: Gather information of Grafana chart inside monitoring namespace
kubernetes.core.helm_info: kubernetes.core.helm_info:
name: test name: test
release_namespace: monitoring release_namespace: monitoring
- name: Gather information about test-chart with pending state
kubernetes.core.helm_info:
name: test-chart
release_namespace: testenv
release_state:
- pending
Return Values Return Values
@@ -270,6 +325,42 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<br/> <br/>
</td> </td>
</tr> </tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>hooks</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=dictionary</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>always</td>
<td>
<div>Hooks of the release</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>manifest</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=dictionary</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>always</td>
<td>
<div>Manifest of the release</div>
<br/>
</td>
</tr>
<tr> <tr>
<td class="elbow-placeholder">&nbsp;</td> <td class="elbow-placeholder">&nbsp;</td>
<td colspan="1"> <td colspan="1">
@@ -302,6 +393,23 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<br/> <br/>
</td> </td>
</tr> </tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>notes</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>always</td>
<td>
<div>Notes of the release</div>
<br/>
</td>
</tr>
<tr> <tr>
<td class="elbow-placeholder">&nbsp;</td> <td class="elbow-placeholder">&nbsp;</td>
<td colspan="1"> <td colspan="1">

250
docs/kubernetes.core.helm_module.rst
View File

@@ -36,12 +36,12 @@ Parameters
<table border=0 cellpadding=0 class="documentation-table"> <table border=0 cellpadding=0 class="documentation-table">
<tr> <tr>
<th colspan="1">Parameter</th> <th colspan="2">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th> <th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th> <th width="100%">Comments</th>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>api_key</b> <b>api_key</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -57,7 +57,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>atomic</b> <b>atomic</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -76,7 +76,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>binary_path</b> <b>binary_path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -91,7 +91,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ca_cert</b> <b>ca_cert</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -108,7 +108,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>chart_ref</b> <b>chart_ref</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -127,7 +127,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>chart_repo_url</b> <b>chart_repo_url</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -142,7 +142,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>chart_version</b> <b>chart_version</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -157,7 +157,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>context</b> <b>context</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -174,7 +174,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>create_namespace</b> <b>create_namespace</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -194,13 +194,14 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dependency_update</b> <b>dependency_update</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">boolean</span> <span style="color: purple">boolean</span>
</div> </div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td> </td>
<td> <td>
<ul style="margin: 0; padding: 0"><b>Choices:</b> <ul style="margin: 0; padding: 0"><b>Choices:</b>
@@ -209,7 +210,7 @@ Parameters
</ul> </ul>
</td> </td>
<td> <td>
<div>Run standelone <code>helm dependency update CHART</code> before the operation.</div> <div>Run standalone <code>helm dependency update CHART</code> before the operation.</div>
<div>Run inline <code>--dependency-update</code> with <code>helm install</code> command. This feature is not supported yet with the <code>helm upgrade</code> command.</div> <div>Run inline <code>--dependency-update</code> with <code>helm install</code> command. This feature is not supported yet with the <code>helm upgrade</code> command.</div>
<div>So we should consider to use <em>dependency_update</em> options with <em>replace</em> option enabled when specifying <em>chart_repo_url</em>.</div> <div>So we should consider to use <em>dependency_update</em> options with <em>replace</em> option enabled when specifying <em>chart_repo_url</em>.</div>
<div>The <em>dependency_update</em> option require the add of <code>dependencies</code> block in <code>Chart.yaml/requirements.yaml</code> file.</div> <div>The <em>dependency_update</em> option require the add of <code>dependencies</code> block in <code>Chart.yaml/requirements.yaml</code> file.</div>
@@ -218,7 +219,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>disable_hook</b> <b>disable_hook</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -237,7 +238,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>force</b> <b>force</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -256,7 +257,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>history_max</b> <b>history_max</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -273,7 +274,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>host</b> <b>host</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -289,12 +290,35 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>insecure_skip_tls_verify</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 5.3.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip tls certificate checks for the chart download.</div>
<div>Do not confuse with the <code>validate_certs</code> option.</div>
<div>This option is only available for helm &gt;= 3.16.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: skip_tls_certs_check</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>kubeconfig</b> <b>kubeconfig</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">path</span> <span style="color: purple">raw</span>
</div> </div>
</td> </td>
<td> <td>
@@ -302,11 +326,28 @@ Parameters
<td> <td>
<div>Helm option to specify kubeconfig path to use.</div> <div>Helm option to specify kubeconfig path to use.</div>
<div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div> <div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div>
<div>The configuration can be provided as dictionary. Added in version 2.4.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div> <div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>post_renderer</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>Path to an executable to be used for post rendering.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>purge</b> <b>purge</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -325,7 +366,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_name</b> <b>release_name</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -342,7 +383,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_namespace</b> <b>release_namespace</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -359,7 +400,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_state</b> <b>release_state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -379,7 +420,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_values</b> <b>release_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -396,7 +437,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>replace</b> <b>replace</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -418,7 +459,130 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>reset_then_reuse_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 6.0.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>When upgrading package, reset the values to the ones built into the chart, apply the last release&#x27;s values and merge in any overrides from parameters O(release_values), O(values_files) or O(set_values).</div>
<div>If O(reset_values) or O(reuse_values) is set to V(True), this is ignored.</div>
<div>This feature requires helm diff &gt;= 3.9.12.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>reset_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.0.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>When upgrading package, reset the values to the ones built into the chart.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>reuse_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.0.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>When upgrading package, specifies wether to reuse the last release&#x27;s values and merge in any overrides from parameters <em>release_values</em>, <em>values_files</em> or <em>set_values</em>.</div>
<div>If <em>reset_values</em> is set to <code>True</code>, this is ignored.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>set_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=dictionary</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>Values to pass to chart configuration</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>value</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Value to pass to chart configuration (e.g phase=prod).</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>value_type</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>raw</b>&nbsp;&larr;</div></li>
<li>string</li>
<li>json</li>
<li>file</li>
</ul>
</td>
<td>
<div>Use <code>raw</code> set individual value.</div>
<div>Use <code>string</code> to force a string for an individual value.</div>
<div>Use <code>file</code> to set individual values from a file when the value itself is too long for the command line or is dynamically generated.</div>
<div>Use <code>json</code> to set json values (scalars/objects/arrays). This feature requires helm&gt;=3.10.0.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>skip_crds</b> <b>skip_crds</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -438,7 +602,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>timeout</b> <b>timeout</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -456,7 +620,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>update_repo_cache</b> <b>update_repo_cache</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -475,7 +639,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>validate_certs</b> <b>validate_certs</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -496,7 +660,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>values_files</b> <b>values_files</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -517,7 +681,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>wait</b> <b>wait</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -537,7 +701,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>wait_timeout</b> <b>wait_timeout</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -556,6 +720,12 @@ Parameters
<br/> <br/>
Notes
-----
.. note::
- The default idempotency check can fail to report changes when ``release_state`` is set to ``present`` and ``chart_repo_url`` is defined. Install helm diff >= 3.4.1 for better results.
Examples Examples
@@ -612,6 +782,15 @@ Examples
state: absent state: absent
update_repo_cache: true update_repo_cache: true
- name: Deploy Grafana chart using set values on target
kubernetes.core.helm:
name: test
chart_ref: stable/grafana
release_namespace: monitoring
set_values:
- value: phase=prod
value_type: string
# From git # From git
- name: Git clone stable repo on HEAD - name: Git clone stable repo on HEAD
ansible.builtin.git: ansible.builtin.git:
@@ -657,6 +836,17 @@ Examples
logging: logging:
enabled: True enabled: True
# Deploy latest version
- name: Deploy latest version of Grafana chart using reuse_values
kubernetes.core.helm:
name: test
chart_ref: stable/grafana
release_namespace: monitoring
reuse_values: true
values:
replicas: 2
version: 3e8ec0b2dffa40fb97d5342e4af887de95faa8c61a62480dd7f8aa03dffcf533
Return Values Return Values

3
docs/kubernetes.core.helm_plugin_info_module.rst
View File

@@ -126,7 +126,7 @@ Parameters
<b>kubeconfig</b> <b>kubeconfig</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">path</span> <span style="color: purple">raw</span>
</div> </div>
</td> </td>
<td> <td>
@@ -134,6 +134,7 @@ Parameters
<td> <td>
<div>Helm option to specify kubeconfig path to use.</div> <div>Helm option to specify kubeconfig path to use.</div>
<div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div> <div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div>
<div>The configuration can be provided as dictionary. Added in version 2.4.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div> <div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div>
</td> </td>
</tr> </tr>

35
docs/kubernetes.core.helm_plugin_module.rst
View File

@@ -126,7 +126,7 @@ Parameters
<b>kubeconfig</b> <b>kubeconfig</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">path</span> <span style="color: purple">raw</span>
</div> </div>
</td> </td>
<td> <td>
@@ -134,6 +134,7 @@ Parameters
<td> <td>
<div>Helm option to specify kubeconfig path to use.</div> <div>Helm option to specify kubeconfig path to use.</div>
<div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div> <div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div>
<div>The configuration can be provided as dictionary. Added in version 2.4.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div> <div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div>
</td> </td>
</tr> </tr>
@@ -150,7 +151,7 @@ Parameters
</td> </td>
<td> <td>
<div>Name of Helm plugin.</div> <div>Name of Helm plugin.</div>
<div>Required only if <code>state=absent</code>.</div> <div>Required only if <code>state=absent</code> or <code>state=latest</code>.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -170,6 +171,23 @@ Parameters
<div>Required only if <code>state=present</code>.</div> <div>Required only if <code>state=present</code>.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>plugin_version</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>Plugin version to install. If this is not specified, the latest version is installed.</div>
<div>Ignored when <code>state=absent</code> or <code>state=latest</code>.</div>
</td>
</tr>
<tr> <tr>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -183,10 +201,12 @@ Parameters
<ul style="margin: 0; padding: 0"><b>Choices:</b> <ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li> <li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li> <li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
<li>latest</li>
</ul> </ul>
</td> </td>
<td> <td>
<div>If <code>state=present</code> the Helm plugin will be installed.</div> <div>If <code>state=present</code> the Helm plugin will be installed.</div>
<div>If <code>state=latest</code> the Helm plugin will be updated. Added in version 2.3.0.</div>
<div>If <code>state=absent</code> the Helm plugin will be removed.</div> <div>If <code>state=absent</code> the Helm plugin will be removed.</div>
</td> </td>
</tr> </tr>
@@ -237,6 +257,17 @@ Examples
plugin_name: env plugin_name: env
state: absent state: absent
- name: Install Helm plugin with a specific version
kubernetes.core.helm_plugin:
plugin_version: 2.0.1
plugin_path: https://domain/path/to/plugin.tar.gz
state: present
- name: Update Helm plugin
kubernetes.core.helm_plugin:
plugin_name: secrets
state: latest
Return Values Return Values

3
docs/kubernetes.core.helm_pull_module.rst
View File

@@ -279,7 +279,8 @@ Parameters
</td> </td>
<td> <td>
<div>Whether or not to check tls certificate for the chart download.</div> <div>Whether or not to check tls certificate for the chart download.</div>
<div>Requires helm &gt;= 3.3.0.</div> <div>Requires helm &gt;= 3.3.0. Alias <code>insecure_skip_tls_verify</code> added in 5.3.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: insecure_skip_tls_verify</div>
</td> </td>
</tr> </tr>
<tr> <tr>

333
docs/kubernetes.core.helm_registry_auth_module.rst Normal file
View File

@@ -0,0 +1,333 @@
.. _kubernetes.core.helm_registry_auth_module:
**********************************
kubernetes.core.helm_registry_auth
**********************************
**Helm registry authentication module**
Version added: 5.1.0
.. contents::
:local:
:depth: 1
Synopsis
--------
- Helm registry authentication module allows you to login ``helm registry login`` and logout ``helm registry logout`` from a Helm registry.
Requirements
------------
The below requirements are needed on the host that executes this module.
- helm (https://github.com/helm/helm/releases) => 3.8.0
Parameters
----------
.. raw:: html
<table border=0 cellpadding=0 class="documentation-table">
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>binary_path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>The path of a helm binary to use.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ca_file</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Path to the CA certificate SSL file for verify registry server certificate.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>cert_file</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Path to the client certificate SSL file for identify registry client using this certificate file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>host</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Provide a URL for accessing the registry.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: registry_url</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>insecure</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Allow connections to SSL sites without certs.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>key_file</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Path to the client key SSL file for identify registry client using this key file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>password</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Password for the registry.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: repo_password</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
<li>absent</li>
</ul>
</td>
<td>
<div>Desired state of the registry.</div>
<div>If set to V(present) attempt to log in to the remote registry server using the URL specified in O(host).</div>
<div>If set to V(absent) attempt to log out from the remote registry server using the URL specified in O(host).</div>
<div>As helm &gt;= 3.18.0 reports successful logout even if the user is not logged in, this module will report a change regardless of the current state.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>username</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Username for the registry.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: repo_username</div>
</td>
</tr>
</table>
<br/>
Examples
--------
.. code-block:: yaml
- name: Login to remote registry
kubernetes.core.helm_registry_auth:
username: admin
password: "sample_password"
host: localhost:5000
- name: Logout from remote registry
kubernetes.core.helm_registry_auth:
state: absent
host: localhost:5000
Return Values
-------------
Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
.. raw:: html
<table border=0 cellpadding=0 class="documentation-table">
<tr>
<th colspan="1">Key</th>
<th>Returned</th>
<th width="100%">Description</th>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>command</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>always</td>
<td>
<div>Full <code>helm</code> command executed</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/usr/local/bin/helm registry login oci-registry.domain.example --username=admin --password-stdin --insecure</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>failed</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>always</td>
<td>
<div>Indicate if the <code>helm</code> command failed</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>stderr</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>always</td>
<td>
<div>Full <code>helm</code> command stderr, in case you want to display it or examine the event log. Please be note that helm binnary may print messages to stderr even if the command is successful.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">Login Succeeded\n</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>stderr_lines</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>always</td>
<td>
<div>Full <code>helm</code> command stderr, in case you want to display it or examine the event log</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>stdout</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>always</td>
<td>
<div>Full <code>helm</code> command stdout, in case you want to display it or examine the event log</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>stout_lines</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>always</td>
<td>
<div>Full <code>helm</code> command stdout, in case you want to display it or examine the event log</div>
<br/>
</td>
</tr>
</table>
<br/><br/>
Status
------
Authors
~~~~~~~
- Yuriy Novostavskiy (@yurnov)

169
docs/kubernetes.core.helm_repository_module.rst
View File

@@ -40,6 +40,22 @@ Parameters
<th>Choices/<font color="blue">Defaults</font></th> <th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th> <th width="100%">Comments</th>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>api_key</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>Token used to authenticate with the API. Can also be specified via <code>K8S_AUTH_API_KEY</code> environment variable.</div>
</td>
</tr>
<tr> <tr>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -55,6 +71,138 @@ Parameters
<div>The path of a helm binary to use.</div> <div>The path of a helm binary to use.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ca_cert</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to avoid certificate validation errors. Can also be specified via <code>K8S_AUTH_SSL_CA_CERT</code> environment variable.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: ssl_ca_cert</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>context</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>Helm option to specify which kubeconfig context to use.</div>
<div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_CONTEXT</code> will be used instead.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: kube_context</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>force_update</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Whether or not to replace (overwrite) the repo if it already exists.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: force</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>host</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>Provide a URL for accessing the API. Can also be specified via <code>K8S_AUTH_HOST</code> environment variable.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>insecure_skip_tls_verify</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 5.3.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip tls certificate checks for the repository url.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: skip_tls_certs_check</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>kubeconfig</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">raw</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>Helm option to specify kubeconfig path to use.</div>
<div>If the value is not specified in the task, the value of environment variable <code>K8S_AUTH_KUBECONFIG</code> will be used instead.</div>
<div>The configuration can be provided as dictionary.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: kubeconfig_path</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>pass_credentials</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Pass credentials to all domains.</div>
</td>
</tr>
<tr> <tr>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -142,6 +290,27 @@ Parameters
<div style="font-size: small; color: darkgreen"><br/>aliases: username</div> <div style="font-size: small; color: darkgreen"><br/>aliases: username</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>validate_certs</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether or not to verify the API server&#x27;s SSL certificates. Can also be specified via <code>K8S_AUTH_VERIFY_SSL</code> environment variable.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: verify_ssl</div>
</td>
</tr>
</table> </table>
<br/> <br/>

190
docs/kubernetes.core.helm_template_module.rst
View File

@@ -28,12 +28,12 @@ Parameters
<table border=0 cellpadding=0 class="documentation-table"> <table border=0 cellpadding=0 class="documentation-table">
<tr> <tr>
<th colspan="1">Parameter</th> <th colspan="2">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th> <th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th> <th width="100%">Comments</th>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>binary_path</b> <b>binary_path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -48,7 +48,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>chart_ref</b> <b>chart_ref</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -67,7 +67,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>chart_repo_url</b> <b>chart_repo_url</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -82,7 +82,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>chart_version</b> <b>chart_version</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -97,13 +97,14 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dependency_update</b> <b>dependency_update</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">boolean</span> <span style="color: purple">boolean</span>
</div> </div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td> </td>
<td> <td>
<ul style="margin: 0; padding: 0"><b>Choices:</b> <ul style="margin: 0; padding: 0"><b>Choices:</b>
@@ -119,7 +120,27 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>disable_hook</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Prevent hooks from running during install.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>include_crds</b> <b>include_crds</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -138,7 +159,27 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>insecure_registry</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 5.1.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip TLS certificate checks for the chart download</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>output_dir</b> <b>output_dir</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -154,7 +195,40 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_name</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>Release name to use in rendered templates.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: name</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_namespace</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>namespace scope for this request.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>release_values</b> <b>release_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -171,7 +245,85 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>set_values</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=dictionary</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>Values to pass to chart configuration.</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>value</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Value to pass to chart configuration (e.g phase=prod).</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>value_type</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>raw</b>&nbsp;&larr;</div></li>
<li>string</li>
<li>json</li>
<li>file</li>
</ul>
</td>
<td>
<div>Use <code>raw</code> set individual value.</div>
<div>Use <code>string</code> to force a string for an individual value.</div>
<div>Use <code>file</code> to set individual values from a file when the value itself is too long for the command line or is dynamically generated.</div>
<div>Use <code>json</code> to set json values (scalars/objects/arrays). This feature requires helm&gt;=3.10.0.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>show_only</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td>
<td>
<div>Only show manifests rendered from the given templates.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>update_repo_cache</b> <b>update_repo_cache</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -190,7 +342,7 @@ Parameters
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="1"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>values_files</b> <b>values_files</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
@@ -235,6 +387,24 @@ Examples
dest: myfile.yaml dest: myfile.yaml
content: "{{ result.stdout }}" content: "{{ result.stdout }}"
- name: Render MutatingWebhooksConfiguration for revision tag "canary", rev "1-13-0"
kubernetes.core.helm_template:
chart_ref: istio/istiod
chart_version: "1.13.0"
release_namespace: "istio-system"
show_only:
- "templates/revision-tags.yaml"
release_values:
revision: "1-13-0"
revisionTags:
- "canary"
register: result
- name: Write templates to file
copy:
dest: myfile.yaml
content: "{{ result.stdout }}"
Return Values Return Values

24
docs/kubernetes.core.k8s_cluster_info_module.rst
View File

@@ -27,8 +27,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -203,9 +203,29 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>

26
docs/kubernetes.core.k8s_cp_module.rst
View File

@@ -25,8 +25,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
Parameters Parameters
@@ -215,6 +215,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -271,6 +272,25 @@ Parameters
<div>This option is ignored when <em>content</em> is set or when <em>state</em> is set to <code>from_pod</code>.</div> <div>This option is ignored when <em>content</em> is set or when <em>state</em> is set to <code>from_pod</code>.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -538,7 +558,7 @@ Examples
state: from_pod state: from_pod
# copy content into a file in the remote pod # copy content into a file in the remote pod
- name: Copy /tmp/foo from a remote pod to /tmp/bar locally - name: Copy content into a file in the remote pod
kubernetes.core.k8s_cp: kubernetes.core.k8s_cp:
state: to_pod state: to_pod
namespace: some-namespace namespace: some-namespace

60
docs/kubernetes.core.k8s_drain_module.rst
View File

@@ -29,8 +29,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
Parameters Parameters
@@ -132,6 +132,7 @@ Parameters
</div> </div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">{}</div>
</td> </td>
<td> <td>
<div>Specify options to delete pods.</div> <div>Specify options to delete pods.</div>
@@ -147,6 +148,7 @@ Parameters
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">boolean</span> <span style="color: purple">boolean</span>
</div> </div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td> </td>
<td> <td>
<ul style="margin: 0; padding: 0"><b>Choices:</b> <ul style="margin: 0; padding: 0"><b>Choices:</b>
@@ -155,7 +157,7 @@ Parameters
</ul> </ul>
</td> </td>
<td> <td>
<div>Continue even if there are pods using emptyDir (local data that will be deleted when the node is drained)</div> <div>Continue even if there are pods using emptyDir (local data that will be deleted when the node is drained).</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -334,6 +336,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -353,6 +356,25 @@ Parameters
<div>The name of the node.</div> <div>The name of the node.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -392,6 +414,25 @@ Parameters
<div>The fix for this k8s python library is here: https://github.com/kubernetes-client/python-base/pull/169</div> <div>The fix for this k8s python library is here: https://github.com/kubernetes-client/python-base/pull/169</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>pod_selectors</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.0.0</div>
</td>
<td>
</td>
<td>
<div>Label selector to filter pods on the node.</div>
<div>This option has effect only when <code>state</code> is set to <em>drain</em>.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: label_selectors</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -554,14 +595,15 @@ Examples
kubernetes.core.k8s_drain: kubernetes.core.k8s_drain:
state: drain state: drain
name: foo name: foo
force: yes delete_options:
force: yes
- name: Drain node "foo", but abort if there are pods not managed by a ReplicationController, Job, or DaemonSet, and use a grace period of 15 minutes. - name: Drain node "foo", but abort if there are pods not managed by a ReplicationController, Job, or DaemonSet, and use a grace period of 15 minutes.
kubernetes.core.k8s_drain: kubernetes.core.k8s_drain:
state: drain state: drain
name: foo name: foo
delete_options: delete_options:
terminate_grace_period: 900 terminate_grace_period: 900
- name: Mark node "foo" as schedulable. - name: Mark node "foo" as schedulable.
kubernetes.core.k8s_drain: kubernetes.core.k8s_drain:
@@ -573,6 +615,14 @@ Examples
state: cordon state: cordon
name: foo name: foo
- name: Drain node "foo" using label selector to filter the list of pods to be drained.
kubernetes.core.k8s_drain:
state: drain
name: foo
pod_selectors:
- 'app!=csi-attacher'
- 'app!=csi-provisioner'
Return Values Return Values

40
docs/kubernetes.core.k8s_exec_module.rst
View File

@@ -25,8 +25,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -117,7 +117,7 @@ Parameters
<td> <td>
</td> </td>
<td> <td>
<div>The command to execute</div> <div>The command to execute.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -134,6 +134,7 @@ Parameters
<td> <td>
<div>The name of the container in the pod to connect to.</div> <div>The name of the container in the pod to connect to.</div>
<div>Defaults to only container if there is only one container in the pod.</div> <div>Defaults to only container if there is only one container in the pod.</div>
<div>If not specified, will choose the first container from the given pod as kubectl cmdline does.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -214,6 +215,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -230,7 +232,26 @@ Parameters
<td> <td>
</td> </td>
<td> <td>
<div>The pod namespace name</div> <div>The pod namespace name.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -285,7 +306,7 @@ Parameters
<td> <td>
</td> </td>
<td> <td>
<div>The pod name</div> <div>The pod name.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -302,7 +323,7 @@ Parameters
<td> <td>
<div>The URL of an HTTP proxy to use for the connection.</div> <div>The URL of an HTTP proxy to use for the connection.</div>
<div>Can also be specified via <em>K8S_AUTH_PROXY</em> environment variable.</div> <div>Can also be specified via <em>K8S_AUTH_PROXY</em> environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. HTTP_PROXY).</div> <div>Please note that this module does not pick up typical proxy settings from the environment (for example, HTTP_PROXY).</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -449,6 +470,13 @@ Examples
msg: "cmd failed" msg: "cmd failed"
when: command_status.rc != 0 when: command_status.rc != 0
- name: Specify a container name to execute the command on
kubernetes.core.k8s_exec:
namespace: myproject
pod: busybox-test
container: manager
command: echo "hello"
Return Values Return Values

44
docs/kubernetes.core.k8s_info_module.rst
View File

@@ -28,8 +28,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -153,11 +153,30 @@ Parameters
</div> </div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td> </td>
<td> <td>
<div>List of field selectors to use to filter results</div> <div>List of field selectors to use to filter results</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>hidden_fields</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.0.0</div>
</td>
<td>
</td>
<td>
<div>Hide fields matching any of the field definitions in the result</div>
<div>An example might be <code>hidden_fields=[metadata.managedFields]</code> or V(hidden_fields=[spec.containers[0].env[3].value]) or V(hidden_fields=[metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]])</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -240,6 +259,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -254,6 +274,7 @@ Parameters
</div> </div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td> </td>
<td> <td>
<div>List of label selectors to use to filter results</div> <div>List of label selectors to use to filter results</div>
@@ -295,6 +316,25 @@ Parameters
<div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div> <div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>

53
docs/kubernetes.core.k8s_inventory.rst
View File

@@ -13,6 +13,15 @@ kubernetes.core.k8s
:local: :local:
:depth: 1 :depth: 1
DEPRECATED
----------
:Removed in collection release after
:Why: As discussed in https://github.com/ansible-collections/kubernetes.core/issues/31, we decided to
remove the k8s inventory plugin in release 6.0.0.
:Alternative: Use :ref:`kubernetes.core.k8s_info <kubernetes.core.k8s_info_module>` and :ref:`ansible.builtin.add_host <ansible.builtin.add_host_module>` instead.
Synopsis Synopsis
-------- --------
@@ -27,8 +36,8 @@ Requirements
------------ ------------
The below requirements are needed on the local Ansible controller node that executes this inventory. The below requirements are needed on the local Ansible controller node that executes this inventory.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -322,24 +331,24 @@ Examples
# File must be named k8s.yaml or k8s.yml # File must be named k8s.yaml or k8s.yml
# Authenticate with token, and return all pods and services for all namespaces - name: Authenticate with token, and return all pods and services for all namespaces
plugin: kubernetes.core.k8s plugin: kubernetes.core.k8s
connections: connections:
- host: https://192.168.64.4:8443 - host: https://192.168.64.4:8443
api_key: xxxxxxxxxxxxxxxx api_key: xxxxxxxxxxxxxxxx
validate_certs: false validate_certs: false
# Use default config (~/.kube/config) file and active context, and return objects for a specific namespace - name: Use default config (~/.kube/config) file and active context, and return objects for a specific namespace
plugin: kubernetes.core.k8s plugin: kubernetes.core.k8s
connections: connections:
- namespaces: - namespaces:
- testing - testing
# Use a custom config file, and a specific context. - name: Use a custom config file, and a specific context.
plugin: kubernetes.core.k8s plugin: kubernetes.core.k8s
connections: connections:
- kubeconfig: /path/to/config - kubeconfig: /path/to/config
context: 'awx/192-168-64-4:8443/developer' context: 'awx/192-168-64-4:8443/developer'
@@ -348,11 +357,15 @@ Status
------ ------
- This inventory will be removed in version 6.0.0. *[deprecated]*
- For more information see `DEPRECATED`_.
Authors Authors
~~~~~~~ ~~~~~~~
- Chris Houseknecht <@chouseknecht> - Chris Houseknecht (@chouseknecht)
- Fabian von Feilitzsch <@fabianvf> - Fabian von Feilitzsch (@fabianvf)
.. hint:: .. hint::

26
docs/kubernetes.core.k8s_json_patch_module.rst
View File

@@ -27,8 +27,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
- jsonpatch - jsonpatch
@@ -220,6 +220,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -256,6 +257,25 @@ Parameters
<div>Use in conjunction with <em>api_version</em>, <em>kind</em>, and <em>name</em> to identify a specific object.</div> <div>Use in conjunction with <em>api_version</em>, <em>kind</em>, and <em>name</em> to identify a specific object.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -594,7 +614,7 @@ Examples
path: /metadata/labels/app path: /metadata/labels/app
value: myapp value: myapp
- op: replace - op: replace
patch: /spec/containers/0/image path: /spec/containers/0/image
value: nginx value: nginx

93
docs/kubernetes.core.k8s_log_module.rst
View File

@@ -28,8 +28,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -44,6 +44,27 @@ Parameters
<th>Choices/<font color="blue">Defaults</font></th> <th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th> <th width="100%">Comments</th>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>all_containers</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>If set to <code>true</code>, retrieve all containers&#x27; logs in the pod(s).</div>
<div>mutually exclusive with <code>container</code>.</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -141,7 +162,8 @@ Parameters
<td> <td>
<div>Use to specify the container within a pod to grab the log from.</div> <div>Use to specify the container within a pod to grab the log from.</div>
<div>If there is only one container, this will default to that container.</div> <div>If there is only one container, this will default to that container.</div>
<div>If there is more than one container, this option is required.</div> <div>If there is more than one container, this option is required or set <em>all_containers</em> to <code>true</code>.</div>
<div>mutually exclusive with <code>all_containers</code>.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -240,6 +262,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -254,6 +277,7 @@ Parameters
</div> </div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td> </td>
<td> <td>
<div>List of label selectors to use to filter results</div> <div>List of label selectors to use to filter results</div>
@@ -295,6 +319,25 @@ Parameters
<div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div> <div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -334,6 +377,26 @@ Parameters
<div>The fix for this k8s python library is here: https://github.com/kubernetes-client/python-base/pull/169</div> <div>The fix for this k8s python library is here: https://github.com/kubernetes-client/python-base/pull/169</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>previous</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If <code>true</code>, print the logs for the previous instance of the container in a pod if it exists.</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -435,6 +498,22 @@ Parameters
<div>A relative time in seconds before the current time from which to show logs.</div> <div>A relative time in seconds before the current time from which to show logs.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>tail_lines</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">integer</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.4.0</div>
</td>
<td>
</td>
<td>
<div>A number of lines from the end of the logs to retrieve.</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -519,8 +598,16 @@ Examples
kind: DeploymentConfig kind: DeploymentConfig
namespace: testing namespace: testing
name: example name: example
tail_lines: 100
register: log register: log
# This will get the logs from all containers in Pod
- name: Get the logs from all containers in pod
kubernetes.core.k8s_log:
namespace: testing
name: some-pod
all_containers: true
Return Values Return Values

98
docs/kubernetes.core.k8s_lookup.rst
View File

@@ -26,8 +26,8 @@ Requirements
------------ ------------
The below requirements are needed on the local Ansible controller node that executes this lookup. The below requirements are needed on the local Ansible controller node that executes this lookup.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -438,106 +438,28 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<table border=0 cellpadding=0 class="documentation-table"> <table border=0 cellpadding=0 class="documentation-table">
<tr> <tr>
<th colspan="2">Key</th> <th colspan="1">Key</th>
<th>Returned</th> <th>Returned</th>
<th width="100%">Description</th> <th width="100%">Description</th>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div> <div class="ansibleOptionAnchor" id="return-"></div>
<b>_list</b> <b>_list</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">complex</span> <span style="color: purple">list</span>
/ <span style="color: purple">elements=dictionary</span>
</div> </div>
</td> </td>
<td></td> <td></td>
<td> <td>
<div>One ore more object definitions returned from the API.</div> <div>One ore more object definitions returned from the API.</div>
<br/> <br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[{&#x27;kind&#x27;: &#x27;ConfigMap&#x27;, &#x27;apiVersion&#x27;: &#x27;v1&#x27;, &#x27;metadata&#x27;: {&#x27;creationTimestamp&#x27;: &#x27;2022-03-04T13:59:49Z&#x27;, &#x27;name&#x27;: &#x27;my-config-map&#x27;, &#x27;namespace&#x27;: &#x27;default&#x27;, &#x27;resourceVersion&#x27;: &#x27;418&#x27;, &#x27;uid&#x27;: &#x27;5714b011-d090-4eac-8272-a0ea82ec0abd&#x27;}, &#x27;data&#x27;: {&#x27;key1&#x27;: &#x27;val1&#x27;}}]</div>
</td> </td>
</tr> </tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>api_version</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>The versioned schema of this representation of an object.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>kind</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>Represents the REST resource this object represents.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>metadata</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Standard object metadata. Includes name, namespace, annotations, labels, etc.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>spec</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Specific attributes of the object. Will vary based on the <em>api_version</em> and <em>kind</em>.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>status</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Current status details for the object.</div>
<br/>
</td>
</tr>
</table> </table>
<br/><br/> <br/><br/>
@@ -549,8 +471,8 @@ Status
Authors Authors
~~~~~~~ ~~~~~~~
- Chris Houseknecht <@chouseknecht> - Chris Houseknecht (@chouseknecht)
- Fabian von Feilitzsch <@fabianvf> - Fabian von Feilitzsch (@fabianvf)
.. hint:: .. hint::

206
docs/kubernetes.core.k8s_module.rst
View File

@@ -29,8 +29,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
- jsonpatch - jsonpatch
@@ -121,7 +121,7 @@ Parameters
<td> <td>
<div><code>apply</code> compares the desired resource definition with the previously supplied resource definition, ignoring properties that are automatically generated</div> <div><code>apply</code> compares the desired resource definition with the previously supplied resource definition, ignoring properties that are automatically generated</div>
<div><code>apply</code> works better with Services than &#x27;force=yes&#x27;</div> <div><code>apply</code> works better with Services than &#x27;force=yes&#x27;</div>
<div>mutually exclusive with <code>merge_type</code></div> <div>Mutually exclusive with <code>merge_type</code>.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -208,6 +208,30 @@ Parameters
<div>This has no effect on the validation step which is controlled by the <code>validate.fail_on_error</code> parameter.</div> <div>This has no effect on the validation step which is controlled by the <code>validate.fail_on_error</code> parameter.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>delete_all</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.0.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>When this option is set to <em>true</em> and <em>state=absent</em>, module will delete all resources of the specified resource type in the requested namespace.</div>
<div>Ignored when <code>state</code> is not set to <em>absent</em> or when one of (src), <code>name</code> or <code>resource_definition</code> is provided.</div>
<div>Parameter <code>kind</code> is required to use this option.</div>
<div>This parameter can be used with <code>label_selectors</code> to restrict the resources to be deleted.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: all</div>
</td>
</tr>
<tr> <tr>
<td colspan="3"> <td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -336,6 +360,44 @@ Parameters
<div>If set to <code>yes</code>, and <em>state</em> is <code>present</code>, an existing object will be replaced.</div> <div>If set to <code>yes</code>, and <em>state</em> is <code>present</code>, an existing object will be replaced.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>generate_name</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>Use to specify the basis of an object name and random characters will be added automatically on server to generate a unique name.</div>
<div>This option is ignored when <em>state</em> is not set to <code>present</code> or when <em>apply</em> is set to <code>yes</code>.</div>
<div>If <em>resource definition</em> is provided, the <em>metadata.generateName</em> value from the <em>resource_definition</em> will override this option.</div>
<div>If <em>resource definition</em> is provided, and contains <em>metadata.name</em>, this option is ignored.</div>
<div>mutually exclusive with <code>name</code>.</div>
</td>
</tr>
<tr>
<td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>hidden_fields</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.0.0</div>
</td>
<td>
</td>
<td>
<div>Hide fields matching this option in the result</div>
<div>An example might be <code>hidden_fields=[metadata.managedFields]</code> or V(hidden_fields=[spec.containers[0].env[3].value]) or V(hidden_fields=[metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]])</div>
</td>
</tr>
<tr> <tr>
<td colspan="3"> <td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -417,6 +479,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -449,18 +512,17 @@ Parameters
</td> </td>
<td> <td>
<ul style="margin: 0; padding: 0"><b>Choices:</b> <ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>json</li>
<li>merge</li> <li>merge</li>
<li>strategic-merge</li> <li>strategic-merge</li>
</ul> </ul>
</td> </td>
<td> <td>
<div>Whether to override the default patch merge approach with a specific type. By default, the strategic merge will typically be used.</div> <div>Whether to override the default patch merge approach with a specific type. By default, the strategic merge will typically be used.</div>
<div>For example, Custom Resource Definitions typically aren&#x27;t updatable by the usual strategic merge. You may want to use <code>merge</code> if you see &quot;strategic merge patch format is not supported&quot;</div> <div>For example, Custom Resource Definitions typically aren&#x27;t updatable by the usual strategic merge. You may want to use <code>merge</code> if you see &quot;strategic merge patch format is not supported&quot;.</div>
<div>See <a href='https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment'>https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment</a></div> <div>See <a href='https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment'>https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment</a></div>
<div>If more than one <code>merge_type</code> is given, the merge_types will be tried in order. This defaults to <code>[&#x27;strategic-merge&#x27;, &#x27;merge&#x27;]</code>, which is ideal for using the same parameters on resource kinds that combine Custom Resources and built-in resources.</div> <div>If more than one <code>merge_type</code> is given, the merge_types will be tried in order. This defaults to <code>[&#x27;strategic-merge&#x27;, &#x27;merge&#x27;]</code>, which is ideal for using the same parameters on resource kinds that combine Custom Resources and built-in resources.</div>
<div>mutually exclusive with <code>apply</code></div> <div>Mutually exclusive with <code>apply</code>.</div>
<div><em>merge_type=json</em> is deprecated and will be removed in version 3.0.0. Please use <span class='module'>kubernetes.core.k8s_json_patch</span> instead.</div> <div><em>merge_type=json</em> has been removed in version 4.0.0. Please use <span class='module'>kubernetes.core.k8s_json_patch</span> instead.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -499,6 +561,25 @@ Parameters
<div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div> <div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="3"> <td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -640,6 +721,63 @@ Parameters
<div style="font-size: small; color: darkgreen"><br/>aliases: definition, inline</div> <div style="font-size: small; color: darkgreen"><br/>aliases: definition, inline</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>server_side_apply</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">dictionary</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>When this option is set, apply runs in the server instead of the client.</div>
<div>Ignored if <code>apply</code> is not set or is set to False.</div>
<div>This option requires &quot;kubernetes &gt;= 19.15.0&quot;.</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>field_manager</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Name of the manager used to track field ownership.</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>force_conflicts</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>A conflict is a special status error that occurs when an Server Side Apply operation tries to change a field, which another user also claims to manage.</div>
<div>When set to True, server-side apply will force the changes against conflicts.</div>
</td>
</tr>
<tr> <tr>
<td colspan="3"> <td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -654,7 +792,8 @@ Parameters
<td> <td>
<div>Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually exclusive with <em>resource_definition</em>. NOTE: <em>kind</em>, <em>api_version</em>, <em>name</em>, and <em>namespace</em> will be overwritten by corresponding values found in the configuration read in from the <em>src</em> file.</div> <div>Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually exclusive with <em>resource_definition</em>. NOTE: <em>kind</em>, <em>api_version</em>, <em>name</em>, and <em>namespace</em> will be overwritten by corresponding values found in the configuration read in from the <em>src</em> file.</div>
<div>Reads from the local file system. To read from the Ansible controller&#x27;s file system, including vaulted files, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to <em>resource_definition</em>. See Examples below.</div> <div>Reads from the local file system. To read from the Ansible controller&#x27;s file system, including vaulted files, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to <em>resource_definition</em>. See Examples below.</div>
<div>Mutually exclusive with <em>template</em> in case of <span class='module'>k8s</span> module.</div> <div>The URL to manifest files that can be used to create the resource. Added in version 2.4.0.</div>
<div>Mutually exclusive with <em>template</em> in case of <span class='module'>kubernetes.core.k8s</span> module.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -1016,6 +1155,14 @@ Examples
state: present state: present
definition: "{{ lookup('file', '/testing/deployment.yml') | from_yaml }}" definition: "{{ lookup('file', '/testing/deployment.yml') | from_yaml }}"
- name: >-
(Alternative) Read definition file from the Ansible controller file system.
In this case, the definition file contains multiple YAML documents, separated by ---.
If the definition file has been encrypted with Ansible Vault it will automatically be decrypted.
kubernetes.core.k8s:
state: present
definition: "{{ lookup('file', '/testing/deployment.yml') | from_yaml_all }}"
- name: Read definition template file from the Ansible controller file system - name: Read definition template file from the Ansible controller file system
kubernetes.core.k8s: kubernetes.core.k8s:
state: present state: present
@@ -1033,10 +1180,10 @@ Examples
kubernetes.core.k8s: kubernetes.core.k8s:
state: present state: present
template: template:
- path: '/testing/deployment_one.j2' - path: '/testing/deployment_one.j2'
- path: '/testing/deployment_two.j2' - path: '/testing/deployment_two.j2'
variable_start_string: '[[' variable_start_string: '[['
variable_end_string: ']]' variable_end_string: ']]'
- name: fail on validation errors - name: fail on validation errors
kubernetes.core.k8s: kubernetes.core.k8s:
@@ -1093,6 +1240,41 @@ Examples
labels: labels:
support: patch support: patch
# Create object using generateName
- name: create resource using name generated by the server
kubernetes.core.k8s:
state: present
generate_name: pod-
definition:
apiVersion: v1
kind: Pod
spec:
containers:
- name: py
image: python:3.7-alpine
imagePullPolicy: IfNotPresent
# Server side apply
- name: Create configmap using server side apply
kubernetes.core.k8s:
namespace: testing
definition:
apiVersion: v1
kind: ConfigMap
metadata:
name: my-configmap
apply: yes
server_side_apply:
field_manager: ansible
# Delete all Deployment from specified namespace
- name: Delete all Deployment from specified namespace
kubernetes.core.k8s:
api_version: apps/v1
namespace: testing
kind: Deployment
delete_all: true
Return Values Return Values

26
docs/kubernetes.core.k8s_rollback_module.rst
View File

@@ -27,8 +27,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -152,6 +152,7 @@ Parameters
</div> </div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td> </td>
<td> <td>
<div>List of field selectors to use to filter results.</div> <div>List of field selectors to use to filter results.</div>
@@ -238,6 +239,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -252,6 +254,7 @@ Parameters
</div> </div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td> </td>
<td> <td>
<div>List of label selectors to use to filter results.</div> <div>List of label selectors to use to filter results.</div>
@@ -293,6 +296,25 @@ Parameters
<div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div> <div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>

28
docs/kubernetes.core.k8s_scale_module.rst
View File

@@ -25,8 +25,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
- PyYAML >= 3.11 - PyYAML >= 3.11
@@ -255,6 +255,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -270,6 +271,7 @@ Parameters
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.0.0</div> <div style="font-style: italic; font-size: small; color: darkgreen">added in 2.0.0</div>
</td> </td>
<td> <td>
<b>Default:</b><br/><div style="color: blue">[]</div>
</td> </td>
<td> <td>
<div>List of label selectors to use to filter results.</div> <div>List of label selectors to use to filter results.</div>
@@ -311,6 +313,25 @@ Parameters
<div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div> <div>If <em>resource definition</em> is provided, the <em>metadata.namespace</em> value from the <em>resource_definition</em> will override this option.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -497,7 +518,8 @@ Parameters
<td> <td>
<div>Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually exclusive with <em>resource_definition</em>. NOTE: <em>kind</em>, <em>api_version</em>, <em>name</em>, and <em>namespace</em> will be overwritten by corresponding values found in the configuration read in from the <em>src</em> file.</div> <div>Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually exclusive with <em>resource_definition</em>. NOTE: <em>kind</em>, <em>api_version</em>, <em>name</em>, and <em>namespace</em> will be overwritten by corresponding values found in the configuration read in from the <em>src</em> file.</div>
<div>Reads from the local file system. To read from the Ansible controller&#x27;s file system, including vaulted files, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to <em>resource_definition</em>. See Examples below.</div> <div>Reads from the local file system. To read from the Ansible controller&#x27;s file system, including vaulted files, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to <em>resource_definition</em>. See Examples below.</div>
<div>Mutually exclusive with <em>template</em> in case of <span class='module'>k8s</span> module.</div> <div>The URL to manifest files that can be used to create the resource. Added in version 2.4.0.</div>
<div>Mutually exclusive with <em>template</em> in case of <span class='module'>kubernetes.core.k8s</span> module.</div>
</td> </td>
</tr> </tr>
<tr> <tr>

27
docs/kubernetes.core.k8s_service_module.rst
View File

@@ -24,8 +24,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
Parameters Parameters
@@ -220,6 +220,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>
@@ -280,6 +281,25 @@ Parameters
<div>Use to specify a Service object namespace.</div> <div>Use to specify a Service object namespace.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>no_proxy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 2.3.0</div>
</td>
<td>
</td>
<td>
<div>The comma separated list of hosts/domains/IP/CIDR that shouldn&#x27;t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable.</div>
<div>Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY).</div>
<div>This feature requires kubernetes&gt;=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct.</div>
<div>example value is &quot;localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16&quot;</div>
</td>
</tr>
<tr> <tr>
<td colspan="2"> <td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -468,7 +488,8 @@ Parameters
<td> <td>
<div>Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually exclusive with <em>resource_definition</em>. NOTE: <em>kind</em>, <em>api_version</em>, <em>name</em>, and <em>namespace</em> will be overwritten by corresponding values found in the configuration read in from the <em>src</em> file.</div> <div>Provide a path to a file containing a valid YAML definition of an object or objects to be created or updated. Mutually exclusive with <em>resource_definition</em>. NOTE: <em>kind</em>, <em>api_version</em>, <em>name</em>, and <em>namespace</em> will be overwritten by corresponding values found in the configuration read in from the <em>src</em> file.</div>
<div>Reads from the local file system. To read from the Ansible controller&#x27;s file system, including vaulted files, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to <em>resource_definition</em>. See Examples below.</div> <div>Reads from the local file system. To read from the Ansible controller&#x27;s file system, including vaulted files, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to <em>resource_definition</em>. See Examples below.</div>
<div>Mutually exclusive with <em>template</em> in case of <span class='module'>k8s</span> module.</div> <div>The URL to manifest files that can be used to create the resource. Added in version 2.4.0.</div>
<div>Mutually exclusive with <em>template</em> in case of <span class='module'>kubernetes.core.k8s</span> module.</div>
</td> </td>
</tr> </tr>
<tr> <tr>

5
docs/kubernetes.core.k8s_taint_module.rst
View File

@@ -26,8 +26,8 @@ Requirements
------------ ------------
The below requirements are needed on the host that executes this module. The below requirements are needed on the host that executes this module.
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
Parameters Parameters
@@ -182,6 +182,7 @@ Parameters
</td> </td>
<td> <td>
<div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div> <div>Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from <em>~/.kube/config</em>. Can also be specified via K8S_AUTH_KUBECONFIG environment variable.</div>
<div>Multiple Kubernetes config file can be provided using separator &#x27;;&#x27; for Windows platform or &#x27;:&#x27; for others platforms.</div>
<div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div> <div>The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version &gt;= 17.17.0. Added in version 2.2.0.</div>
</td> </td>
</tr> </tr>

100
docs/kubernetes.core.kubectl_connection.rst
View File

@@ -208,6 +208,28 @@ Parameters
</td> </td>
<td> <td>
<div>Path to a kubectl config file. Defaults to <em>~/.kube/config</em></div> <div>Path to a kubectl config file. Defaults to <em>~/.kube/config</em></div>
<div>The configuration can be provided as dictionary. Added in version 2.4.0.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>kubectl_local_env_vars</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">dictionary</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 3.1.0</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">{}</div>
</td>
<td>
<div>var: ansible_kubectl_local_env_vars</div>
</td>
<td>
<div>Local enviromantal variable to be passed locally to the kubectl command line.</div>
<div>Please be aware that this passes information directly on the command line and it could expose sensitive data.</div>
</td> </td>
</tr> </tr>
<tr> <tr>
@@ -343,6 +365,82 @@ Parameters
Examples
--------
.. code-block:: yaml
- name: Run a command in a pod using local kubectl with kubeconfig file ~/.kube/config
hosts: localhost
gather_facts: no
vars:
ansible_connection: kubernetes.core.kubectl
ansible_kubectl_namespace: my-namespace
ansible_kubectl_pod: my-pod
ansible_kubectl_container: my-container
tasks:
# be aware that the command is executed as the user that started the container
# and requires python to be installed in the image
- name: Run a command in a pod
ansible.builtin.command: echo "Hello, World!"
- name: Run a command in a pod using local kubectl with inventory variables
# Example inventory:
# k8s:
# hosts:
# foo.example.com:
# ansible_connection: kubernetes.core.kubectl
# ansible_kubectl_kubeconfig: /root/.kube/foo.example.com.config
# ansible_kubectl_pod: my-foo-pod
# ansible_kubectl_container: my-foo-container
# ansible_kubectl_namespace: my-foo-namespace
# bar.example.com:
# ansible_connection: kubernetes.core.kubectl
# ansible_kubectl_kubeconfig: /root/.kube/bar.example.com.config
# ansible_kubectl_pod: my-bar-pod
# ansible_kubectl_container: my-bar-container
# ansible_kubectl_namespace: my-bar-namespace
hosts: k8s
gather_facts: no
tasks:
# be aware that the command is executed as the user that started the container
# and requires python to be installed in the image
- name: Run a command in a pod
ansible.builtin.command: echo "Hello, World!"
- name: Run a command in a pod using dynamic inventory
hosts: localhost
gather_facts: no
vars:
kubeconfig: /root/.kube/config
namespace: my-namespace
my_app: my-app
tasks:
- name: Get My App pod info based on label
kubernetes.core.k8s_info:
kubeconfig: "{{ kubeconfig }}"
namespace: "{{ namespace }}"
kind: Pod
label_selectors: app.kubernetes.io/name = "{{ my_app }}"
register: my_app_pod
- name: Get My App pod name
ansible.builtin.set_fact:
my_app_pod_name: "{{ my_app_pod.resources[0].metadata.name }}"
- name: Add My App pod to inventory
ansible.builtin.add_host:
name: "{{ my_app_pod_name }}"
ansible_connection: kubernetes.core.kubectl
ansible_kubectl_kubeconfig: "{{ kubeconfig }}"
ansible_kubectl_pod: "{{ my_app_pod_name }}"
ansible_kubectl_namespace: "{{ namespace }}"
- name: Run a command in My App pod
# be aware that the command is executed as the user that started the container
# and requires python to be installed in the image
ansible.builtin.command: echo "Hello, World!"
delegate_to: "{{ my_app_pod_name }}"
@@ -354,7 +452,7 @@ Status
Authors Authors
~~~~~~~ ~~~~~~~
- xuxinkun - xuxinkun (@xuxinkun)
.. hint:: .. hint::

121
docs/kubernetes.core.kustomize_lookup.rst
View File

@@ -77,6 +77,24 @@ Parameters
<div>If omitted, &#x27;.&#x27; is assumed.</div> <div>If omitted, &#x27;.&#x27; is assumed.</div>
</td> </td>
</tr> </tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>enable_helm</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">"False"</div>
</td>
<td>
</td>
<td>
<div>Enable the helm chart inflation generator</div>
</td>
</tr>
<tr> <tr>
<td colspan="1"> <td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div> <div class="ansibleOptionAnchor" id="parameter-"></div>
@@ -112,17 +130,21 @@ Examples
.. code-block:: yaml .. code-block:: yaml
- name: Run lookup using kustomize - name: Run lookup using kustomize
set_fact: ansible.builtin.set_fact:
resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kustomize') }}" resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kustomize') }}"
- name: Run lookup using kubectl kustomize - name: Run lookup using kubectl kustomize
set_fact: ansible.builtin.set_fact:
resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kubectl') }}" resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kubectl') }}"
- name: Create kubernetes resources for lookup output - name: Create kubernetes resources for lookup output
k8s: kubernetes.core.k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir='/path/to/kustomization') }}" definition: "{{ lookup('kubernetes.core.kustomize', dir='/path/to/kustomization') }}"
- name: Create kubernetes resources for lookup output with `--enable-helm` set
kubernetes.core.k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir='/path/to/kustomization', enable_helm=True) }}"
Return Values Return Values
@@ -133,106 +155,27 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<table border=0 cellpadding=0 class="documentation-table"> <table border=0 cellpadding=0 class="documentation-table">
<tr> <tr>
<th colspan="2">Key</th> <th colspan="1">Key</th>
<th>Returned</th> <th>Returned</th>
<th width="100%">Description</th> <th width="100%">Description</th>
</tr> </tr>
<tr> <tr>
<td colspan="2"> <td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div> <div class="ansibleOptionAnchor" id="return-"></div>
<b>_list</b> <b>_list</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small"> <div style="font-size: small">
<span style="color: purple">complex</span> <span style="color: purple">string</span>
</div> </div>
</td> </td>
<td></td> <td></td>
<td> <td>
<div>One ore more object definitions returned from the tool execution.</div> <div>YAML string for the object definitions returned from the tool execution.</div>
<br/> <br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">{&#x27;kind&#x27;: &#x27;ConfigMap&#x27;, &#x27;apiVersion&#x27;: &#x27;v1&#x27;, &#x27;metadata&#x27;: {&#x27;name&#x27;: &#x27;my-config-map&#x27;, &#x27;namespace&#x27;: &#x27;default&#x27;}, &#x27;data&#x27;: {&#x27;key1&#x27;: &#x27;val1&#x27;}}</div>
</td> </td>
</tr> </tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>api_version</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>The versioned schema of this representation of an object.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>kind</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>Represents the REST resource this object represents.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>metadata</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Standard object metadata. Includes name, namespace, annotations, labels, etc.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>spec</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Specific attributes of the object. Will vary based on the <em>api_version</em> and <em>kind</em>.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>status</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Current status details for the object.</div>
<br/>
</td>
</tr>
</table> </table>
<br/><br/> <br/><br/>
@@ -244,7 +187,7 @@ Status
Authors Authors
~~~~~~~ ~~~~~~~
- Aubin Bikouo <@abikouo> - Aubin Bikouo (@abikouo)
.. hint:: .. hint::

2
galaxy.yml
View File

@@ -25,7 +25,7 @@ tags:
- openshift - openshift
- okd - okd
- cluster - cluster
version: 2.4.1 version: 5.4.0
build_ignore: build_ignore:
- .DS_Store - .DS_Store
- "*.tar.gz" - "*.tar.gz"

16
meta/runtime.yml
View File

@@ -1,5 +1,5 @@
--- ---
requires_ansible: ">=2.9.17" requires_ansible: '>=2.15.0'
action_groups: action_groups:
helm: helm:
@@ -20,6 +20,12 @@ plugin_routing:
inventory: inventory:
openshift: openshift:
redirect: community.okd.openshift redirect: community.okd.openshift
k8s:
deprecation:
removal_version: 6.0.0
warning_text: >-
The k8s inventory plugin has been deprecated and
will be removed in release 6.0.0.
modules: modules:
k8s_auth: k8s_auth:
redirect: community.okd.k8s_auth redirect: community.okd.k8s_auth
@@ -29,18 +35,18 @@ plugin_routing:
warning_text: Use kubernetes.core.k8s_info instead. warning_text: Use kubernetes.core.k8s_info instead.
k8s_raw: k8s_raw:
tombstone: tombstone:
removal_version: "0.1.0" removal_version: 0.1.0
warning_text: The k8s_raw module was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s instead. warning_text: The k8s_raw module was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s instead.
openshift_raw: openshift_raw:
tombstone: tombstone:
removal_version: "0.1.0" removal_version: 0.1.0
warning_text: The openshift_raw module was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s instead. warning_text: The openshift_raw module was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s instead.
openshift_scale: openshift_scale:
tombstone: tombstone:
removal_version: "0.1.0" removal_version: 0.1.0
warning_text: The openshift_scale module was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s_scale instead. warning_text: The openshift_scale module was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s_scale instead.
lookup: lookup:
openshift: openshift:
tombstone: tombstone:
removal_version: "0.1.0" removal_version: 0.1.0
warning_text: The openshift lookup plugin was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s instead. warning_text: The openshift lookup plugin was slated for deprecation in Ansible 2.10 and has been removed. Use kubernetes.core.k8s instead.

98
plugins/action/k8s_info.py
View File

@@ -8,54 +8,41 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import copy import copy
import traceback
import os import os
from contextlib import contextmanager
import platform import platform
import traceback
from contextlib import contextmanager
from ansible.config.manager import ensure_type from ansible.config.manager import ensure_type
from ansible.errors import ( from ansible.errors import (
AnsibleError,
AnsibleFileNotFound,
AnsibleAction, AnsibleAction,
AnsibleActionFail, AnsibleActionFail,
AnsibleError,
AnsibleFileNotFound,
) )
from ansible.module_utils._text import to_bytes, to_native, to_text
from ansible.module_utils.parsing.convert_bool import boolean from ansible.module_utils.parsing.convert_bool import boolean
from ansible.module_utils.six import string_types, iteritems from ansible.module_utils.six import iteritems, string_types
from ansible.module_utils._text import to_text, to_bytes, to_native
from ansible.plugins.action import ActionBase from ansible.plugins.action import ActionBase
try:
from ansible.template import trust_as_template
except ImportError:
trust_as_template = None
class RemoveOmit(object):
def __init__(self, buffer, omit_value):
try:
import yaml
except ImportError:
raise AnsibleError("Failed to import the required Python library (PyYAML).")
self.data = yaml.safe_load_all(buffer)
self.omit = omit_value
def remove_omit(self, data): def _from_yaml_to_definition(buffer):
if isinstance(data, dict): try:
result = dict() import yaml
for key, value in iteritems(data): except ImportError:
if value == self.omit: raise AnsibleError("Failed to import the required Python library (PyYAML).")
continue return list(yaml.safe_load_all(buffer))
result[key] = self.remove_omit(value)
return result
if isinstance(data, list):
return [self.remove_omit(v) for v in data if v != self.omit]
return data
def output(self):
return [self.remove_omit(d) for d in self.data]
ENV_KUBECONFIG_PATH_SEPARATOR = ";" if platform.system() == "Windows" else ":" ENV_KUBECONFIG_PATH_SEPARATOR = ";" if platform.system() == "Windows" else ":"
class ActionModule(ActionBase): class ActionModule(ActionBase):
TRANSFERS_FILES = True TRANSFERS_FILES = True
DEFAULT_NEWLINE_SEQUENCE = "\n" DEFAULT_NEWLINE_SEQUENCE = "\n"
@@ -208,7 +195,6 @@ class ActionModule(ActionBase):
"'template' is only a supported parameter for the 'k8s' module." "'template' is only a supported parameter for the 'k8s' module."
) )
omit_value = task_vars.get("omit")
template_params = [] template_params = []
if isinstance(template, string_types) or isinstance(template, dict): if isinstance(template, string_types) or isinstance(template, dict):
template_params.append(self.get_template_args(template)) template_params.append(self.get_template_args(template))
@@ -231,17 +217,18 @@ class ActionModule(ActionBase):
old_vars = self._templar.available_variables old_vars = self._templar.available_variables
default_environment = {} default_environment = {}
for key in ( if trust_as_template is None:
"newline_sequence", for key in (
"variable_start_string", "newline_sequence",
"variable_end_string", "variable_start_string",
"block_start_string", "variable_end_string",
"block_end_string", "block_start_string",
"trim_blocks", "block_end_string",
"lstrip_blocks", "trim_blocks",
): "lstrip_blocks",
if hasattr(self._templar.environment, key): ):
default_environment[key] = getattr(self._templar.environment, key) if hasattr(self._templar.environment, key):
default_environment[key] = getattr(self._templar.environment, key)
for template_item in template_params: for template_item in template_params:
# We need to convert unescaped sequences to proper escaped sequences for Jinja2 # We need to convert unescaped sequences to proper escaped sequences for Jinja2
newline_sequence = template_item["newline_sequence"] newline_sequence = template_item["newline_sequence"]
@@ -258,26 +245,35 @@ class ActionModule(ActionBase):
with self.get_template_data(template_item["path"]) as template_data: with self.get_template_data(template_item["path"]) as template_data:
# add ansible 'template' vars # add ansible 'template' vars
temp_vars = copy.deepcopy(task_vars) temp_vars = copy.deepcopy(task_vars)
overrides = {}
for key, value in iteritems(template_item): for key, value in iteritems(template_item):
if hasattr(self._templar.environment, key): if hasattr(self._templar.environment, key):
if value is not None: if value is not None:
setattr(self._templar.environment, key, value) overrides[key] = value
else: if trust_as_template is None:
setattr(self._templar.environment, key, value)
elif trust_as_template is None:
setattr( setattr(
self._templar.environment, self._templar.environment,
key, key,
default_environment.get(key), default_environment.get(key),
) )
self._templar.available_variables = temp_vars self._templar.available_variables = temp_vars
result = self._templar.do_template( if trust_as_template:
template_data, template_data = trust_as_template(template_data)
preserve_trailing_newlines=True, result = self._templar.template(
escape_backslashes=False, template_data,
) preserve_trailing_newlines=True,
if omit_value is not None: escape_backslashes=False,
result_template.extend(RemoveOmit(result, omit_value).output()) overrides=overrides,
)
else: else:
result_template.append(result) result = self._templar.do_template(
template_data,
preserve_trailing_newlines=True,
escape_backslashes=False,
)
result_template.extend(_from_yaml_to_definition(result))
self._templar.available_variables = old_vars self._templar.available_variables = old_vars
resource_definition = self._task.args.get("definition", None) resource_definition = self._task.args.get("definition", None)
if not resource_definition: if not resource_definition:

0
plugins/action/ks8_json_patch.py → plugins/action/k8s_json_patch.py
View File

118
plugins/connection/kubectl.py
View File

@@ -72,6 +72,15 @@ DOCUMENTATION = r"""
- name: ansible_kubectl_extra_args - name: ansible_kubectl_extra_args
env: env:
- name: K8S_AUTH_EXTRA_ARGS - name: K8S_AUTH_EXTRA_ARGS
kubectl_local_env_vars:
description:
- Local enviromantal variable to be passed locally to the kubectl command line.
- Please be aware that this passes information directly on the command line and it could expose sensitive data.
default: {}
type: dict
version_added: 3.1.0
vars:
- name: ansible_kubectl_local_env_vars
kubectl_kubeconfig: kubectl_kubeconfig:
description: description:
- Path to a kubectl config file. Defaults to I(~/.kube/config) - Path to a kubectl config file. Defaults to I(~/.kube/config)
@@ -172,18 +181,93 @@ DOCUMENTATION = r"""
aliases: [ kubectl_verify_ssl ] aliases: [ kubectl_verify_ssl ]
""" """
EXAMPLES = r"""
- name: Run a command in a pod using local kubectl with kubeconfig file ~/.kube/config
hosts: localhost
gather_facts: no
vars:
ansible_connection: kubernetes.core.kubectl
ansible_kubectl_namespace: my-namespace
ansible_kubectl_pod: my-pod
ansible_kubectl_container: my-container
tasks:
# be aware that the command is executed as the user that started the container
# and requires python to be installed in the image
- name: Run a command in a pod
ansible.builtin.command: echo "Hello, World!"
- name: Run a command in a pod using local kubectl with inventory variables
# Example inventory:
# k8s:
# hosts:
# foo.example.com:
# ansible_connection: kubernetes.core.kubectl
# ansible_kubectl_kubeconfig: /root/.kube/foo.example.com.config
# ansible_kubectl_pod: my-foo-pod
# ansible_kubectl_container: my-foo-container
# ansible_kubectl_namespace: my-foo-namespace
# bar.example.com:
# ansible_connection: kubernetes.core.kubectl
# ansible_kubectl_kubeconfig: /root/.kube/bar.example.com.config
# ansible_kubectl_pod: my-bar-pod
# ansible_kubectl_container: my-bar-container
# ansible_kubectl_namespace: my-bar-namespace
hosts: k8s
gather_facts: no
tasks:
# be aware that the command is executed as the user that started the container
# and requires python to be installed in the image
- name: Run a command in a pod
ansible.builtin.command: echo "Hello, World!"
- name: Run a command in a pod using dynamic inventory
hosts: localhost
gather_facts: no
vars:
kubeconfig: /root/.kube/config
namespace: my-namespace
my_app: my-app
tasks:
- name: Get My App pod info based on label
kubernetes.core.k8s_info:
kubeconfig: "{{ kubeconfig }}"
namespace: "{{ namespace }}"
kind: Pod
label_selectors: app.kubernetes.io/name = "{{ my_app }}"
register: my_app_pod
- name: Get My App pod name
ansible.builtin.set_fact:
my_app_pod_name: "{{ my_app_pod.resources[0].metadata.name }}"
- name: Add My App pod to inventory
ansible.builtin.add_host:
name: "{{ my_app_pod_name }}"
ansible_connection: kubernetes.core.kubectl
ansible_kubectl_kubeconfig: "{{ kubeconfig }}"
ansible_kubectl_pod: "{{ my_app_pod_name }}"
ansible_kubectl_namespace: "{{ namespace }}"
- name: Run a command in My App pod
# be aware that the command is executed as the user that started the container
# and requires python to be installed in the image
ansible.builtin.command: echo "Hello, World!"
delegate_to: "{{ my_app_pod_name }}"
"""
import json
import os import os
import os.path import os.path
import shutil import shutil
import subprocess import subprocess
import tempfile import tempfile
import json
from ansible.parsing.yaml.loader import AnsibleLoader
from ansible.errors import AnsibleError, AnsibleFileNotFound from ansible.errors import AnsibleError, AnsibleFileNotFound
from ansible.module_utils.six.moves import shlex_quote
from ansible.module_utils._text import to_bytes from ansible.module_utils._text import to_bytes
from ansible.plugins.connection import ConnectionBase, BUFSIZE from ansible.module_utils.six.moves import shlex_quote
from ansible.parsing.yaml.loader import AnsibleLoader
from ansible.plugins.connection import BUFSIZE, ConnectionBase
from ansible.utils.display import Display from ansible.utils.display import Display
display = Display() display = Display()
@@ -301,6 +385,19 @@ class Connection(ConnectionBase):
return local_cmd, censored_local_cmd return local_cmd, censored_local_cmd
def _local_env(self):
"""Return a dict of local environment variables to pass to the kubectl command"""
local_env = {}
local_local_env_vars_name = "{0}_local_env_vars".format(self.transport)
local_env_vars = self.get_option(local_local_env_vars_name)
if local_env_vars:
if isinstance(local_env_vars, dict):
local_env_vars = json.dumps(local_env_vars)
local_env = os.environ.copy()
local_env.update(json.loads(local_env_vars))
return local_env
return None
def _connect(self, port=None): def _connect(self, port=None):
"""Connect to the container. Nothing to do""" """Connect to the container. Nothing to do"""
super(Connection, self)._connect() super(Connection, self)._connect()
@@ -329,6 +426,7 @@ class Connection(ConnectionBase):
stdin=subprocess.PIPE, stdin=subprocess.PIPE,
stdout=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, stderr=subprocess.PIPE,
env=self._local_env(),
) )
stdout, stderr = p.communicate(in_data) stdout, stderr = p.communicate(in_data)
@@ -378,7 +476,11 @@ class Connection(ConnectionBase):
args = [to_bytes(i, errors="surrogate_or_strict") for i in args] args = [to_bytes(i, errors="surrogate_or_strict") for i in args]
try: try:
p = subprocess.Popen( p = subprocess.Popen(
args, stdin=in_file, stdout=subprocess.PIPE, stderr=subprocess.PIPE args,
stdin=in_file,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
env=self._local_env(),
) )
except OSError: except OSError:
raise AnsibleError( raise AnsibleError(
@@ -415,7 +517,11 @@ class Connection(ConnectionBase):
) as out_file: ) as out_file:
try: try:
p = subprocess.Popen( p = subprocess.Popen(
args, stdin=subprocess.PIPE, stdout=out_file, stderr=subprocess.PIPE args,
stdin=subprocess.PIPE,
stdout=out_file,
stderr=subprocess.PIPE,
env=self._local_env(),
) )
except OSError: except OSError:
raise AnsibleError( raise AnsibleError(

9
plugins/doc_fragments/helm_common_options.py
View File

@@ -12,7 +12,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
binary_path: binary_path:
@@ -37,12 +36,12 @@ options:
description: description:
- Provide a URL for accessing the API. Can also be specified via C(K8S_AUTH_HOST) environment variable. - Provide a URL for accessing the API. Can also be specified via C(K8S_AUTH_HOST) environment variable.
type: str type: str
version_added: "1.2.0" version_added: 1.2.0
api_key: api_key:
description: description:
- Token used to authenticate with the API. Can also be specified via C(K8S_AUTH_API_KEY) environment variable. - Token used to authenticate with the API. Can also be specified via C(K8S_AUTH_API_KEY) environment variable.
type: str type: str
version_added: "1.2.0" version_added: 1.2.0
validate_certs: validate_certs:
description: description:
- Whether or not to verify the API server's SSL certificates. Can also be specified via C(K8S_AUTH_VERIFY_SSL) - Whether or not to verify the API server's SSL certificates. Can also be specified via C(K8S_AUTH_VERIFY_SSL)
@@ -50,12 +49,12 @@ options:
type: bool type: bool
aliases: [ verify_ssl ] aliases: [ verify_ssl ]
default: True default: True
version_added: "1.2.0" version_added: 1.2.0
ca_cert: ca_cert:
description: description:
- Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to - Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to
avoid certificate validation errors. Can also be specified via C(K8S_AUTH_SSL_CA_CERT) environment variable. avoid certificate validation errors. Can also be specified via C(K8S_AUTH_SSL_CA_CERT) environment variable.
type: path type: path
aliases: [ ssl_ca_cert ] aliases: [ ssl_ca_cert ]
version_added: "1.2.0" version_added: 1.2.0
""" """

1
plugins/doc_fragments/k8s_auth_options.py
View File

@@ -11,7 +11,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
host: host:

3
plugins/doc_fragments/k8s_delete_options.py
View File

@@ -11,12 +11,11 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
delete_options: delete_options:
type: dict type: dict
version_added: '1.2.0' version_added: 1.2.0
description: description:
- Configure behavior when deleting an object. - Configure behavior when deleting an object.
- Only used when I(state=absent). - Only used when I(state=absent).

1
plugins/doc_fragments/k8s_name_options.py
View File

@@ -11,7 +11,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
api_version: api_version:

1
plugins/doc_fragments/k8s_resource_options.py
View File

@@ -11,7 +11,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
resource_definition: resource_definition:

1
plugins/doc_fragments/k8s_scale_options.py
View File

@@ -11,7 +11,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
replicas: replicas:

1
plugins/doc_fragments/k8s_state_options.py
View File

@@ -11,7 +11,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
state: state:

1
plugins/doc_fragments/k8s_wait_options.py
View File

@@ -11,7 +11,6 @@ __metaclass__ = type
class ModuleDocFragment(object): class ModuleDocFragment(object):
DOCUMENTATION = r""" DOCUMENTATION = r"""
options: options:
wait: wait:

40
plugins/filter/k8s.py
View File

@@ -1,50 +1,12 @@
# Copyright (c) 2017 Ansible Project # Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = r"""
name: k8s_config_resource_name
short_description: Generate resource name for the given resource of type ConfigMap, Secret
description:
- Generate resource name for the given resource of type ConfigMap, Secret.
- Resource must have a C(metadata.name) key to generate a resource name
options:
_input:
description:
- A valid YAML definition for a ConfigMap or a Secret.
type: dict
required: true
author:
- ansible cloud team
"""
EXAMPLES = r"""
# Dump generated name for a configmap into a variable
- set_fact:
generated_name: '{{ definition | kubernetes.core.k8s_config_resource_name }}'
vars:
definition:
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfigmap
namespace: mynamespace
"""
RETURN = r"""
_value:
description: Generated resource name.
type: str
"""
from ansible.errors import AnsibleFilterError from ansible.errors import AnsibleFilterError
from ansible_collections.kubernetes.core.plugins.module_utils.hashes import ( from ansible_collections.kubernetes.core.plugins.module_utils.hashes import (
generate_hash, generate_hash,

44
plugins/inventory/k8s.py
View File

@@ -19,6 +19,13 @@ DOCUMENTATION = """
- Uses the kubectl connection plugin to access the Kubernetes cluster. - Uses the kubectl connection plugin to access the Kubernetes cluster.
- Uses k8s.(yml|yaml) YAML configuration file to set parameter values. - Uses k8s.(yml|yaml) YAML configuration file to set parameter values.
deprecated:
removed_in: 6.0.0
why: |
As discussed in U(https://github.com/ansible-collections/kubernetes.core/issues/31), we decided to
remove the k8s inventory plugin in release 6.0.0.
alternative: "Use M(kubernetes.core.k8s_info) and M(ansible.builtin.add_host) instead."
options: options:
plugin: plugin:
description: token that ensures this is a source file for the 'k8s' plugin. description: token that ensures this is a source file for the 'k8s' plugin.
@@ -27,7 +34,7 @@ DOCUMENTATION = """
connections: connections:
description: description:
- Optional list of cluster connection settings. If no connections are provided, the default - Optional list of cluster connection settings. If no connections are provided, the default
'~/.kube/config' and active context will be used, and objects will be returned for all namespaces I(~/.kube/config) and active context will be used, and objects will be returned for all namespaces
the active user is authorized to access. the active user is authorized to access.
suboptions: suboptions:
name: name:
@@ -38,7 +45,7 @@ DOCUMENTATION = """
description: description:
- Path to an existing Kubernetes config file. If not provided, and no other connection - Path to an existing Kubernetes config file. If not provided, and no other connection
options are provided, the Kubernetes client will attempt to load the default options are provided, the Kubernetes client will attempt to load the default
configuration file from '~/.kube/config'. Can also be specified via K8S_AUTH_KUBECONFIG configuration file from I(~/.kube/config). Can also be specified via K8S_AUTH_KUBECONFIG
environment variable. environment variable.
context: context:
description: description:
@@ -86,12 +93,12 @@ DOCUMENTATION = """
to access. to access.
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """
EXAMPLES = """ EXAMPLES = r"""
# File must be named k8s.yaml or k8s.yml # File must be named k8s.yaml or k8s.yml
- name: Authenticate with token, and return all pods and services for all namespaces - name: Authenticate with token, and return all pods and services for all namespaces
@@ -117,19 +124,19 @@ EXAMPLES = """
import json import json
from ansible.errors import AnsibleError from ansible.errors import AnsibleError
from ansible_collections.kubernetes.core.plugins.module_utils.common import ( from ansible.plugins.inventory import BaseInventoryPlugin, Cacheable, Constructable
HAS_K8S_MODULE_HELPER,
k8s_import_exception,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client,
)
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
try: try:
from kubernetes.dynamic.exceptions import DynamicApiError from kubernetes.dynamic.exceptions import DynamicApiError
except ImportError:
pass HAS_K8S_MODULE_HELPER = True
k8s_import_exception = None
except ImportError as e:
HAS_K8S_MODULE_HELPER = False
k8s_import_exception = e
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client,
)
def format_dynamic_api_exc(exc): def format_dynamic_api_exc(exc):
@@ -155,6 +162,12 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
def parse(self, inventory, loader, path, cache=True): def parse(self, inventory, loader, path, cache=True):
super(InventoryModule, self).parse(inventory, loader, path) super(InventoryModule, self).parse(inventory, loader, path)
self.display.deprecated(
"The 'k8s' inventory plugin has been deprecated and will be removed in release 6.0.0",
version="6.0.0",
collection_name="kubernetes.core",
)
cache_key = self._get_cache_prefix(path) cache_key = self._get_cache_prefix(path)
config_data = self._read_config_data(path) config_data = self._read_config_data(path)
self.setup(config_data, cache, cache_key) self.setup(config_data, cache, cache_key)
@@ -180,7 +193,6 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
self.fetch_objects(connections) self.fetch_objects(connections)
def fetch_objects(self, connections): def fetch_objects(self, connections):
if connections: if connections:
if not isinstance(connections, list): if not isinstance(connections, list):
raise K8sInventoryException("Expecting connections to be a list.") raise K8sInventoryException("Expecting connections to be a list.")

6
plugins/lookup/k8s.py
View File

@@ -114,8 +114,8 @@ DOCUMENTATION = """
aliases: [ verify_ssl ] aliases: [ verify_ssl ]
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """
@@ -179,7 +179,6 @@ import os
from ansible.errors import AnsibleError from ansible.errors import AnsibleError
from ansible.module_utils.common._collections_compat import KeysView from ansible.module_utils.common._collections_compat import KeysView
from ansible.module_utils.common.validation import check_type_bool from ansible.module_utils.common.validation import check_type_bool
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
) )
@@ -214,7 +213,6 @@ except ImportError as e:
class KubernetesLookup(object): class KubernetesLookup(object):
def __init__(self): def __init__(self):
if not HAS_K8S_MODULE_HELPER: if not HAS_K8S_MODULE_HELPER:
raise Exception( raise Exception(
"Requires the Kubernetes Python client. Try `pip install kubernetes`. Detail: {0}".format( "Requires the Kubernetes Python client. Try `pip install kubernetes`. Detail: {0}".format(

59
plugins/lookup/kustomize.py
View File

@@ -8,7 +8,7 @@ DOCUMENTATION = """
short_description: Build a set of kubernetes resources using a 'kustomization.yaml' file. short_description: Build a set of kubernetes resources using a 'kustomization.yaml' file.
version_added: "2.2.0" version_added: 2.2.0
author: author:
- Aubin Bikouo (@abikouo) - Aubin Bikouo (@abikouo)
@@ -30,6 +30,10 @@ DOCUMENTATION = """
opt_dirs: opt_dirs:
description: description:
- An optional list of directories to search for the executable in addition to PATH. - An optional list of directories to search for the executable in addition to PATH.
enable_helm:
description:
- Enable the helm chart inflation generator
default: "False"
requirements: requirements:
- "python >= 3.6" - "python >= 3.6"
@@ -37,16 +41,20 @@ DOCUMENTATION = """
EXAMPLES = """ EXAMPLES = """
- name: Run lookup using kustomize - name: Run lookup using kustomize
set_fact: ansible.builtin.set_fact:
resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kustomize') }}" resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kustomize') }}"
- name: Run lookup using kubectl kustomize - name: Run lookup using kubectl kustomize
set_fact: ansible.builtin.set_fact:
resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kubectl') }}" resources: "{{ lookup('kubernetes.core.kustomize', binary_path='/path/to/kubectl') }}"
- name: Create kubernetes resources for lookup output - name: Create kubernetes resources for lookup output
k8s: kubernetes.core.k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir='/path/to/kustomization') }}" definition: "{{ lookup('kubernetes.core.kustomize', dir='/path/to/kustomization') }}"
- name: Create kubernetes resources for lookup output with `--enable-helm` set
kubernetes.core.k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir='/path/to/kustomization', enable_helm=True) }}"
""" """
RETURN = """ RETURN = """
@@ -64,13 +72,12 @@ RETURN = """
key1: val1 key1: val1
""" """
from ansible.errors import AnsibleLookupError
from ansible.plugins.lookup import LookupBase
from ansible.module_utils.common.process import get_bin_path
import subprocess import subprocess
from ansible.errors import AnsibleLookupError
from ansible.module_utils.common.process import get_bin_path
from ansible.plugins.lookup import LookupBase
def get_binary_from_path(name, opt_dirs=None): def get_binary_from_path(name, opt_dirs=None):
opt_arg = {} opt_arg = {}
@@ -87,12 +94,20 @@ def get_binary_from_path(name, opt_dirs=None):
def run_command(command): def run_command(command):
cmd = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE) cmd = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
return cmd.communicate() stdout, stderr = cmd.communicate()
return cmd.returncode, stdout, stderr
class LookupModule(LookupBase): class LookupModule(LookupBase):
def run( def run(
self, terms, variables=None, dir=".", binary_path=None, opt_dirs=None, **kwargs self,
terms,
variables=None,
dir=".",
binary_path=None,
opt_dirs=None,
enable_helm=False,
**kwargs
): ):
executable_path = binary_path executable_path = binary_path
if executable_path is None: if executable_path is None:
@@ -123,9 +138,21 @@ class LookupModule(LookupBase):
) )
) )
(out, err) = run_command(command) if enable_helm:
if err: command += ["--enable-helm"]
raise AnsibleLookupError(
"kustomize command failed with: {0}".format(err.decode("utf-8")) (ret, out, err) = run_command(command)
) if ret != 0:
if err:
raise AnsibleLookupError(
"kustomize command failed. exit code: {0}, error: {1}".format(
ret, err.decode("utf-8")
)
)
else:
raise AnsibleLookupError(
"kustomize command failed with unknown error. exit code: {0}".format(
ret
)
)
return [out.decode("utf-8")] return [out.decode("utf-8")]

4
plugins/module_utils/ansiblemodule.py
View File

@@ -14,9 +14,9 @@ except TypeError:
if enable_turbo_mode: if enable_turbo_mode:
try: try:
from ansible_collections.cloud.common.plugins.module_utils.turbo.module import ( from ansible_collections.cloud.common.plugins.module_utils.turbo.module import ( # noqa: F401
AnsibleTurboModule as AnsibleModule, AnsibleTurboModule as AnsibleModule,
) # noqa: F401 )
AnsibleModule.collection_name = "kubernetes.core" AnsibleModule.collection_name = "kubernetes.core"
except ImportError: except ImportError:

5
plugins/module_utils/apply.py
View File

@@ -17,8 +17,8 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
from collections import OrderedDict
import json import json
from collections import OrderedDict
from ansible.module_utils.common.dict_transformations import dict_merge from ansible.module_utils.common.dict_transformations import dict_merge
from ansible_collections.kubernetes.core.plugins.module_utils.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.exceptions import (
@@ -31,7 +31,6 @@ from ansible_collections.kubernetes.core.plugins.module_utils.version import (
LooseVersion, LooseVersion,
) )
try: try:
from kubernetes.dynamic.exceptions import NotFoundError from kubernetes.dynamic.exceptions import NotFoundError
except ImportError: except ImportError:
@@ -150,6 +149,7 @@ def k8s_apply(resource, definition, **kwargs):
force_conflicts=kwargs.get("force_conflicts"), force_conflicts=kwargs.get("force_conflicts"),
field_manager=kwargs.get("field_manager"), field_manager=kwargs.get("field_manager"),
dry_run=kwargs.get("dry_run"), dry_run=kwargs.get("dry_run"),
serialize=kwargs.get("serialize"),
) )
if not existing: if not existing:
return resource.create( return resource.create(
@@ -159,6 +159,7 @@ def k8s_apply(resource, definition, **kwargs):
return resource.get( return resource.get(
name=definition["metadata"]["name"], name=definition["metadata"]["name"],
namespace=definition["metadata"].get("namespace"), namespace=definition["metadata"].get("namespace"),
**kwargs
) )
return resource.patch( return resource.patch(
body=desired, body=desired,

2
plugins/module_utils/args_common.py
View File

@@ -18,7 +18,7 @@ AUTH_PROXY_HEADERS_SPEC = dict(
) )
AUTH_ARG_SPEC = { AUTH_ARG_SPEC = {
"kubeconfig": {"type": "raw"}, "kubeconfig": {"type": "raw", "no_log": True},
"context": {}, "context": {},
"host": {}, "host": {},
"api_key": {"no_log": True}, "api_key": {"no_log": True},

11
plugins/module_utils/client/discovery.py
View File

@@ -13,15 +13,18 @@
# limitations under the License. # limitations under the License.
import hashlib
import json import json
import os import os
from collections import defaultdict
import hashlib
import tempfile import tempfile
from collections import defaultdict
from functools import partial from functools import partial
import kubernetes.dynamic import kubernetes.dynamic
import kubernetes.dynamic.discovery import kubernetes.dynamic.discovery
from ansible_collections.kubernetes.core.plugins.module_utils.client.resource import (
ResourceList,
)
from kubernetes import __version__ from kubernetes import __version__
from kubernetes.dynamic.exceptions import ( from kubernetes.dynamic.exceptions import (
ResourceNotFoundError, ResourceNotFoundError,
@@ -29,10 +32,6 @@ from kubernetes.dynamic.exceptions import (
ServiceUnavailableError, ServiceUnavailableError,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.client.resource import (
ResourceList,
)
class Discoverer(kubernetes.dynamic.discovery.Discoverer): class Discoverer(kubernetes.dynamic.discovery.Discoverer):
def __init__(self, client, cache_file): def __init__(self, client, cache_file):

1442
plugins/module_utils/common.py
View File

File diff suppressed because it is too large Load Diff

15
plugins/module_utils/copy.py
View File

@@ -18,25 +18,26 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import os import os
from tempfile import TemporaryFile, NamedTemporaryFile
from select import select
from abc import ABCMeta, abstractmethod
import tarfile import tarfile
from abc import ABCMeta, abstractmethod
from select import select
from tempfile import NamedTemporaryFile, TemporaryFile
from ansible.module_utils._text import to_native
# from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import AnsibleModule # from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import AnsibleModule
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
from ansible.module_utils._text import to_native
try: try:
from kubernetes.client.api import core_v1_api from kubernetes.client.api import core_v1_api
from kubernetes.stream import stream from kubernetes.stream import stream
from kubernetes.stream.ws_client import ( from kubernetes.stream.ws_client import (
STDOUT_CHANNEL,
STDERR_CHANNEL,
ERROR_CHANNEL,
ABNF, ABNF,
ERROR_CHANNEL,
STDERR_CHANNEL,
STDOUT_CHANNEL,
) )
except ImportError: except ImportError:
pass pass

4
plugins/module_utils/hashes.py
View File

@@ -19,8 +19,8 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import json
import hashlib import hashlib
import json
try: try:
import string import string
@@ -37,7 +37,7 @@ except ImportError:
def sorted_dict(unsorted_dict): def sorted_dict(unsorted_dict):
result = OrderedDict() result = OrderedDict()
for (k, v) in sorted(unsorted_dict.items()): for k, v in sorted(unsorted_dict.items()):
if isinstance(v, dict): if isinstance(v, dict):
v = sorted_dict(v) v = sorted_dict(v)
result[k] = v result[k] = v

25
plugins/module_utils/helm.py
View File

@@ -7,19 +7,18 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import copy
import json
import os import os
import re
import tempfile import tempfile
import traceback import traceback
import re
import json
import copy
from ansible.module_utils.basic import missing_required_lib from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.six import string_types from ansible.module_utils.six import string_types
from ansible_collections.kubernetes.core.plugins.module_utils.version import ( from ansible_collections.kubernetes.core.plugins.module_utils.version import (
LooseVersion, LooseVersion,
) )
from ansible.module_utils.basic import AnsibleModule
try: try:
import yaml import yaml
@@ -78,13 +77,11 @@ def write_temp_kubeconfig(server, validate_certs=True, ca_cert=None, kubeconfig=
class AnsibleHelmModule(object): class AnsibleHelmModule(object):
""" """
An Ansible module class for Kubernetes.core helm modules An Ansible module class for Kubernetes.core helm modules
""" """
def __init__(self, **kwargs): def __init__(self, **kwargs):
self._module = None self._module = None
if "module" in kwargs: if "module" in kwargs:
self._module = kwargs.get("module") self._module = kwargs.get("module")
@@ -162,11 +159,13 @@ class AnsibleHelmModule(object):
self.helm_env = self._prepare_helm_environment() self.helm_env = self._prepare_helm_environment()
return self.helm_env return self.helm_env
def run_helm_command(self, command, fails_on_error=True): def run_helm_command(self, command, fails_on_error=True, data=None):
if not HAS_YAML: if not HAS_YAML:
self.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR) self.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR)
rc, out, err = self.run_command(command, environ_update=self.env_update) rc, out, err = self.run_command(
command, environ_update=self.env_update, data=data
)
if fails_on_error and rc != 0: if fails_on_error and rc != 0:
self.fail_json( self.fail_json(
msg="Failure when executing Helm command. Exited {0}.\nstdout: {1}\nstderr: {2}".format( msg="Failure when executing Helm command. Exited {0}.\nstdout: {1}\nstderr: {2}".format(
@@ -184,13 +183,12 @@ class AnsibleHelmModule(object):
) )
def get_helm_version(self): def get_helm_version(self):
command = self.get_helm_binary() + " version" command = self.get_helm_binary() + " version"
rc, out, err = self.run_command(command) rc, out, err = self.run_command(command)
m = re.match(r'version.BuildInfo{Version:"v([0-9\.]*)",', out) m = re.match(r'version.BuildInfo{Version:"v(.*?)",', out)
if m: if m:
return m.group(1) return m.group(1)
m = re.match(r'Client: &version.Version{SemVer:"v([0-9\.]*)", ', out) m = re.match(r'Client: &version.Version{SemVer:"v(.*?)", ', out)
if m: if m:
return m.group(1) return m.group(1)
return None return None
@@ -216,7 +214,6 @@ class AnsibleHelmModule(object):
return yaml.safe_load(out) return yaml.safe_load(out)
def parse_yaml_content(self, content): def parse_yaml_content(self, content):
if not HAS_YAML: if not HAS_YAML:
self.fail_json(msg=missing_required_lib("yaml"), exception=HAS_YAML) self.fail_json(msg=missing_required_lib("yaml"), exception=HAS_YAML)
@@ -228,7 +225,6 @@ class AnsibleHelmModule(object):
) )
def get_manifest(self, release_name): def get_manifest(self, release_name):
command = [ command = [
self.get_helm_binary(), self.get_helm_binary(),
"get", "get",
@@ -241,7 +237,6 @@ class AnsibleHelmModule(object):
return self.parse_yaml_content(out) return self.parse_yaml_content(out)
def get_notes(self, release_name): def get_notes(self, release_name):
command = [ command = [
self.get_helm_binary(), self.get_helm_binary(),
"get", "get",

1
plugins/module_utils/helm_args_common.py
View File

@@ -16,6 +16,7 @@ HELM_AUTH_ARG_SPEC = dict(
type="raw", type="raw",
aliases=["kubeconfig_path"], aliases=["kubeconfig_path"],
fallback=(env_fallback, ["K8S_AUTH_KUBECONFIG"]), fallback=(env_fallback, ["K8S_AUTH_KUBECONFIG"]),
no_log=True,
), ),
host=dict(type="str", fallback=(env_fallback, ["K8S_AUTH_HOST"])), host=dict(type="str", fallback=(env_fallback, ["K8S_AUTH_HOST"])),
ca_cert=dict( ca_cert=dict(

3
plugins/module_utils/k8s/client.py
View File

@@ -1,12 +1,11 @@
# Copyright: (c) 2021, Red Hat | Ansible # Copyright: (c) 2021, Red Hat | Ansible
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
import os
import hashlib import hashlib
import os
from typing import Any, Dict, List, Optional from typing import Any, Dict, List, Optional
from ansible.module_utils.six import iteritems, string_types from ansible.module_utils.six import iteritems, string_types
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import ( from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_MAP, AUTH_ARG_MAP,
AUTH_ARG_SPEC, AUTH_ARG_SPEC,

9
plugins/module_utils/k8s/core.py
View File

@@ -1,15 +1,12 @@
import traceback import traceback
from typing import Optional from typing import Optional
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.common.text.converters import to_text
from ansible_collections.kubernetes.core.plugins.module_utils.version import ( from ansible_collections.kubernetes.core.plugins.module_utils.version import (
LooseVersion, LooseVersion,
) )
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.basic import missing_required_lib
from ansible.module_utils.common.text.converters import to_text
class AnsibleK8SModule: class AnsibleK8SModule:
"""A base module class for K8S modules. """A base module class for K8S modules.
@@ -38,7 +35,7 @@ class AnsibleK8SModule:
if self.settings["check_k8s"]: if self.settings["check_k8s"]:
self.requires("kubernetes") self.requires("kubernetes")
self.has_at_least("kubernetes", "12.0.0", warn=True) self.has_at_least("kubernetes", "24.2.0", warn=True)
if self.settings["check_pyyaml"]: if self.settings["check_pyyaml"]:
self.requires("pyyaml") self.requires("pyyaml")

2
plugins/module_utils/k8s/resource.py
View File

@@ -2,7 +2,7 @@
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
import os import os
from typing import cast, Dict, Iterable, List, Optional, Union from typing import Dict, Iterable, List, Optional, Union, cast
from ansible.module_utils.six import string_types from ansible.module_utils.six import string_types
from ansible.module_utils.urls import Request from ansible.module_utils.urls import Request

68
plugins/module_utils/k8s/runner.py
View File

@@ -4,12 +4,12 @@
from typing import Dict from typing import Dict
from ansible.module_utils._text import to_native from ansible.module_utils._text import to_native
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
ResourceTimeout,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource import (
create_definitions, create_definitions,
@@ -17,9 +17,7 @@ from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource impor
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import (
K8sService, K8sService,
diff_objects, diff_objects,
) hide_fields,
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
ResourceTimeout,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import exists from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import exists
from ansible_collections.kubernetes.core.plugins.module_utils.selector import ( from ansible_collections.kubernetes.core.plugins.module_utils.selector import (
@@ -46,16 +44,51 @@ def validate(client, module, resource):
return [_prepend_resource_info(resource, msg) for msg in warnings + errors] return [_prepend_resource_info(resource, msg) for msg in warnings + errors]
def get_definitions(svc, params):
try:
definitions = create_definitions(params)
except Exception as e:
msg = "Failed to load resource definition: {0}".format(e)
raise CoreException(msg) from e
delete_all = params.get("delete_all")
src = params.get("src")
resource_definition = params.get("resource_definition")
name = params.get("name")
state = params.get("state")
if (
delete_all
and state == "absent"
and name is None
and resource_definition is None
and src is None
):
# Delete all resources in the namespace for the specified resource type
if params.get("kind") is None:
raise CoreException(
"'kind' option is required to specify the resource type."
)
resource = svc.find_resource(
params.get("kind"), params.get("api_version"), fail=True
)
definitions = svc.retrieve_all(
resource,
params.get("namespace"),
params.get("label_selectors"),
)
return definitions
def run_module(module) -> None: def run_module(module) -> None:
results = [] results = []
changed = False changed = False
client = get_api_client(module) client = get_api_client(module)
svc = K8sService(client, module) svc = K8sService(client, module)
try:
definitions = create_definitions(module.params) definitions = get_definitions(svc, module.params)
except Exception as e:
msg = "Failed to load resource definition: {0}".format(e)
raise CoreException(msg) from e
for definition in definitions: for definition in definitions:
result = {"changed": False, "result": {}} result = {"changed": False, "result": {}}
@@ -102,9 +135,11 @@ def perform_action(svc, definition: Dict, params: Dict) -> Dict:
state = params.get("state", None) state = params.get("state", None)
kind = definition.get("kind") kind = definition.get("kind")
api_version = definition.get("apiVersion") api_version = definition.get("apiVersion")
hidden_fields = params.get("hidden_fields")
result = {"changed": False, "result": {}} result = {"changed": False, "result": {}}
instance = {} instance = {}
warnings = []
resource = svc.find_resource(kind, api_version, fail=True) resource = svc.find_resource(kind, api_version, fail=True)
definition["kind"] = resource.kind definition["kind"] = resource.kind
@@ -138,7 +173,7 @@ def perform_action(svc, definition: Dict, params: Dict) -> Dict:
return result return result
if params.get("apply"): if params.get("apply"):
instance = svc.apply(resource, definition, existing) instance, warnings = svc.apply(resource, definition, existing)
result["method"] = "apply" result["method"] = "apply"
elif not existing: elif not existing:
if state == "patched": if state == "patched":
@@ -149,16 +184,19 @@ def perform_action(svc, definition: Dict, params: Dict) -> Dict:
) )
) )
return result return result
instance = svc.create(resource, definition) instance, warnings = svc.create(resource, definition)
result["method"] = "create" result["method"] = "create"
result["changed"] = True result["changed"] = True
elif params.get("force", False): elif params.get("force", False):
instance = svc.replace(resource, definition, existing) instance, warnings = svc.replace(resource, definition, existing)
result["method"] = "replace" result["method"] = "replace"
else: else:
instance = svc.update(resource, definition, existing) instance, warnings = svc.update(resource, definition, existing)
result["method"] = "update" result["method"] = "update"
if warnings:
result["warnings"] = warnings
# If needed, wait and/or create diff # If needed, wait and/or create diff
success = True success = True
@@ -177,7 +215,7 @@ def perform_action(svc, definition: Dict, params: Dict) -> Dict:
existing = existing.to_dict() existing = existing.to_dict()
else: else:
existing = {} existing = {}
match, diffs = diff_objects(existing, instance) match, diffs = diff_objects(existing, instance, hidden_fields)
if match and diffs: if match and diffs:
result.setdefault("warnings", []).append( result.setdefault("warnings", []).append(
"No meaningful diff was generated, but the API may not be idempotent " "No meaningful diff was generated, but the API may not be idempotent "
@@ -187,7 +225,7 @@ def perform_action(svc, definition: Dict, params: Dict) -> Dict:
if svc.module._diff: if svc.module._diff:
result["diff"] = diffs result["diff"] = diffs
result["result"] = instance result["result"] = hide_fields(instance, hidden_fields)
if not success: if not success:
raise ResourceTimeout( raise ResourceTimeout(
'"{0}" "{1}": Timed out waiting on resource'.format( '"{0}" "{1}": Timed out waiting on resource'.format(

450
plugins/module_utils/k8s/service.py
View File

@@ -1,38 +1,35 @@
# Copyright: (c) 2021, Red Hat | Ansible # Copyright: (c) 2021, Red Hat | Ansible
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from typing import Any, Dict, List, Optional, Tuple import copy
from json import loads
from re import compile
from typing import Any, Dict, List, Optional, Tuple, Union
from ansible.module_utils.common.dict_transformations import dict_merge
from ansible_collections.kubernetes.core.plugins.module_utils.hashes import ( from ansible_collections.kubernetes.core.plugins.module_utils.hashes import (
generate_hash, generate_hash,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import requires
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import (
Waiter,
exists,
resource_absent,
get_waiter,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
requires,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import (
from ansible.module_utils.common.dict_transformations import dict_merge Waiter,
exists,
get_waiter,
resource_absent,
)
try: try:
from kubernetes.dynamic.exceptions import ( from kubernetes.dynamic.exceptions import (
NotFoundError, BadRequestError,
ResourceNotFoundError,
ResourceNotUniqueError,
ConflictError, ConflictError,
ForbiddenError, ForbiddenError,
MethodNotAllowedError, MethodNotAllowedError,
BadRequestError, NotFoundError,
ResourceNotFoundError,
ResourceNotUniqueError,
) )
except ImportError: except ImportError:
# Handled in module setup # Handled in module setup
@@ -147,18 +144,12 @@ class K8sService:
name: str, name: str,
namespace: str, namespace: str,
merge_type: str = None, merge_type: str = None,
) -> Dict: ) -> Tuple[Dict, List[str]]:
if merge_type == "json":
self.module.deprecate(
msg="json as a merge_type value is deprecated. Please use the k8s_json_patch module instead.",
version="3.0.0",
collection_name="kubernetes.core",
)
try: try:
params = dict(name=name, namespace=namespace) params = dict(name=name, namespace=namespace, serialize=False)
if merge_type: if merge_type:
params["content_type"] = "application/{0}-patch+json".format(merge_type) params["content_type"] = "application/{0}-patch+json".format(merge_type)
return self.client.patch(resource, definition, **params).to_dict() return decode_response(self.client.patch(resource, definition, **params))
except Exception as e: except Exception as e:
reason = e.body if hasattr(e, "body") else e reason = e.body if hasattr(e, "body") else e
msg = "Failed to patch object: {0}".format(reason) msg = "Failed to patch object: {0}".format(reason)
@@ -211,6 +202,30 @@ class K8sService:
return existing return existing
def retrieve_all(
self, resource: Resource, namespace: str, label_selectors: List[str] = None
) -> List[Dict]:
definitions: List[ResourceInstance] = []
try:
params = dict(namespace=namespace)
if label_selectors:
params["label_selector"] = ",".join(label_selectors)
resource_list = self.client.get(resource, **params)
for item in resource_list.items:
existing = self.client.get(
resource, name=item.metadata.name, namespace=namespace
)
definitions.append(existing.to_dict())
except (NotFoundError, MethodNotAllowedError):
pass
except Exception as e:
reason = e.body if hasattr(e, "body") else e
msg = "Failed to retrieve requested object: {0}".format(reason)
raise CoreException(msg) from e
return definitions
def find( def find(
self, self,
kind: str, kind: str,
@@ -224,6 +239,7 @@ class K8sService:
wait_timeout: Optional[int] = 120, wait_timeout: Optional[int] = 120,
state: Optional[str] = "present", state: Optional[str] = "present",
condition: Optional[Dict] = None, condition: Optional[Dict] = None,
hidden_fields: Optional[List] = None,
) -> Dict: ) -> Dict:
resource = self.find_resource(kind, api_version) resource = self.find_resource(kind, api_version)
api_found = bool(resource) api_found = bool(resource)
@@ -286,7 +302,9 @@ class K8sService:
instances = resources.get("items") or [resources] instances = resources.get("items") or [resources]
if not wait: if not wait:
result["resources"] = instances result["resources"] = [
hide_fields(instance, hidden_fields) for instance in instances
]
return result return result
# Now wait for the specified state of any resource instances we have found. # Now wait for the specified state of any resource instances we have found.
@@ -305,126 +323,127 @@ class K8sService:
"Failed to gather information about %s(s) even" "Failed to gather information about %s(s) even"
" after waiting for %s seconds" % (res.get("kind"), duration) " after waiting for %s seconds" % (res.get("kind"), duration)
) )
result["resources"].append(res) result["resources"].append(hide_fields(res, hidden_fields))
return result return result
def create(self, resource: Resource, definition: Dict) -> Dict: def create(self, resource: Resource, definition: Dict) -> Tuple[Dict, List[str]]:
namespace = definition["metadata"].get("namespace") namespace = definition["metadata"].get("namespace")
name = definition["metadata"].get("name") name = definition["metadata"].get("name")
if self._client_side_dry_run: if self._client_side_dry_run:
k8s_obj = _encode_stringdata(definition) return _encode_stringdata(definition), []
else:
try: try:
k8s_obj = self.client.create( return decode_response(
resource, definition, namespace=namespace self.client.create(
).to_dict() resource, definition, namespace=namespace, serialize=False
except ConflictError:
# Some resources, like ProjectRequests, can't be created multiple times,
# because the resources that they create don't match their kind
# In this case we'll mark it as unchanged and warn the user
self.module.warn(
"{0} was not found, but creating it returned a 409 Conflict error. This can happen \
if the resource you are creating does not directly create a resource of the same kind.".format(
name
)
) )
return dict() )
except Exception as e: except ConflictError:
reason = e.body if hasattr(e, "body") else e # Some resources, like ProjectRequests, can't be created multiple times,
msg = "Failed to create object: {0}".format(reason) # because the resources that they create don't match their kind
raise CoreException(msg) from e # In this case we'll mark it as unchanged and warn the user
return k8s_obj self.module.warn(
"{0} was not found, but creating it returned a 409 Conflict error. This can happen \
if the resource you are creating does not directly create a resource of the same kind.".format(
name
)
)
return dict(), []
except Exception as e:
reason = e.body if hasattr(e, "body") else e
msg = "Failed to create object: {0}".format(reason)
raise CoreException(msg) from e
def apply( def apply(
self, self,
resource: Resource, resource: Resource,
definition: Dict, definition: Dict,
existing: Optional[ResourceInstance] = None, existing: Optional[ResourceInstance] = None,
) -> Dict: ) -> Tuple[Dict, List[str]]:
namespace = definition["metadata"].get("namespace") namespace = definition["metadata"].get("namespace")
server_side_apply = self.module.params.get("server_side_apply") server_side_apply = self.module.params.get("server_side_apply")
if server_side_apply: if server_side_apply:
requires("kubernetes", "19.15.0", reason="to use server side apply") requires("kubernetes", "19.15.0", reason="to use server side apply")
if self._client_side_dry_run: if self._client_side_dry_run:
ignored, patch = apply_object(resource, _encode_stringdata(definition)) ignored, patch = apply_object(resource, _encode_stringdata(definition))
if existing: if existing:
k8s_obj = dict_merge(existing.to_dict(), patch) return dict_merge(existing.to_dict(), patch), []
else: else:
k8s_obj = patch return patch, []
else:
try: try:
params = {} params = {}
if server_side_apply: if server_side_apply:
params["server_side"] = True params["server_side"] = True
params.update(server_side_apply) params.update(server_side_apply)
k8s_obj = self.client.apply( return decode_response(
resource, definition, namespace=namespace, **params self.client.apply(
).to_dict() resource, definition, namespace=namespace, serialize=False, **params
except Exception as e: )
reason = e.body if hasattr(e, "body") else e )
msg = "Failed to apply object: {0}".format(reason) except Exception as e:
raise CoreException(msg) from e reason = e.body if hasattr(e, "body") else e
return k8s_obj msg = "Failed to apply object: {0}".format(reason)
raise CoreException(msg) from e
def replace( def replace(
self, self,
resource: Resource, resource: Resource,
definition: Dict, definition: Dict,
existing: ResourceInstance, existing: ResourceInstance,
) -> Dict: ) -> Tuple[Dict, List[str]]:
append_hash = self.module.params.get("append_hash", False) append_hash = self.module.params.get("append_hash", False)
name = definition["metadata"].get("name") name = definition["metadata"].get("name")
namespace = definition["metadata"].get("namespace") namespace = definition["metadata"].get("namespace")
if self._client_side_dry_run: if self._client_side_dry_run:
k8s_obj = _encode_stringdata(definition) return _encode_stringdata(definition), []
else:
try: try:
k8s_obj = self.client.replace( return decode_response(
self.client.replace(
resource, resource,
definition, definition,
name=name, name=name,
namespace=namespace, namespace=namespace,
append_hash=append_hash, append_hash=append_hash,
).to_dict() serialize=False,
except Exception as e: )
reason = e.body if hasattr(e, "body") else e )
msg = "Failed to replace object: {0}".format(reason) except Exception as e:
raise CoreException(msg) from e reason = e.body if hasattr(e, "body") else e
return k8s_obj msg = "Failed to replace object: {0}".format(reason)
raise CoreException(msg) from e
def update( def update(
self, resource: Resource, definition: Dict, existing: ResourceInstance self, resource: Resource, definition: Dict, existing: ResourceInstance
) -> Dict: ) -> Tuple[Dict, List[str]]:
name = definition["metadata"].get("name") name = definition["metadata"].get("name")
namespace = definition["metadata"].get("namespace") namespace = definition["metadata"].get("namespace")
if self._client_side_dry_run: if self._client_side_dry_run:
k8s_obj = dict_merge(existing.to_dict(), _encode_stringdata(definition)) return dict_merge(existing.to_dict(), _encode_stringdata(definition)), []
else:
exception = None exception = None
for merge_type in self.module.params.get("merge_type") or [ for merge_type in self.module.params.get("merge_type") or [
"strategic-merge", "strategic-merge",
"merge", "merge",
]: ]:
try: try:
k8s_obj = self.patch_resource( return self.patch_resource(
resource, resource,
definition, definition,
name, name,
namespace, namespace,
merge_type=merge_type, merge_type=merge_type,
) )
exception = None except CoreException as e:
except CoreException as e: exception = e
exception = e continue
continue raise exception
break
if exception:
raise exception
return k8s_obj
def delete( def delete(
self, self,
@@ -454,7 +473,7 @@ class K8sService:
if label_selectors: if label_selectors:
params["label_selector"] = ",".join(label_selectors) params["label_selector"] = ",".join(label_selectors)
if delete_options: if delete_options and not self.module.check_mode:
body = { body = {
"apiVersion": "v1", "apiVersion": "v1",
"kind": "DeleteOptions", "kind": "DeleteOptions",
@@ -471,7 +490,9 @@ class K8sService:
return k8s_obj return k8s_obj
def diff_objects(existing: Dict, new: Dict) -> Tuple[bool, Dict]: def diff_objects(
existing: Dict, new: Dict, hidden_fields: Optional[list] = None
) -> Tuple[bool, Dict]:
result = {} result = {}
diff = recursive_diff(existing, new) diff = recursive_diff(existing, new)
if not diff: if not diff:
@@ -480,17 +501,214 @@ def diff_objects(existing: Dict, new: Dict) -> Tuple[bool, Dict]:
result["before"] = diff[0] result["before"] = diff[0]
result["after"] = diff[1] result["after"] = diff[1]
if list(result["after"].keys()) != ["metadata"] or list( if list(result["after"].keys()) == ["metadata"] and list(
result["before"].keys() result["before"].keys()
) != ["metadata"]: ) == ["metadata"]:
return False, result # If only metadata.generation and metadata.resourceVersion changed, ignore it
ignored_keys = set(["generation", "resourceVersion"])
# If only metadata.generation and metadata.resourceVersion changed, ignore it if set(result["after"]["metadata"].keys()).issubset(ignored_keys) and set(
ignored_keys = set(["generation", "resourceVersion"]) result["before"]["metadata"].keys()
).issubset(ignored_keys):
return True, result
if not set(result["after"]["metadata"].keys()).issubset(ignored_keys): result["before"] = hide_fields(result["before"], hidden_fields)
return False, result result["after"] = hide_fields(result["after"], hidden_fields)
if not set(result["before"]["metadata"].keys()).issubset(ignored_keys):
return False, result
return True, result return False, result
def hide_field_tree(hidden_field: str) -> List[str]:
result = []
key, rest = hide_field_split2(hidden_field)
result.append(key)
while rest:
key, rest = hide_field_split2(rest)
result.append(key)
return result
def build_hidden_field_tree(hidden_fields: List[str]) -> Dict[str, Any]:
"""Group hidden field targeting the same json key
Example:
Input: ['env[3]', 'env[0]']
Output: {'env': [0, 3]}
"""
output = {}
for hidden_field in hidden_fields:
current = output
tree = hide_field_tree(hidden_field)
for idx, key in enumerate(tree):
if current.get(key, "") is None:
break
if idx == (len(tree) - 1):
current[key] = None
elif key not in current:
current[key] = {}
current = current[key]
return output
# hide_field should be able to cope with simple or more complicated
# field definitions
# e.g. status or metadata.managedFields or
# spec.template.spec.containers[0].env[3].value or
# metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]
def hide_field(
definition: Union[Dict[str, Any], List[Any]], hidden_field: Dict[str, Any]
) -> Dict[str, Any]:
def dict_contains_key(obj: Dict[str, Any], key: str) -> bool:
return key in obj
def list_contains_key(obj: List[Any], key: str) -> bool:
return int(key) < len(obj)
hidden_keys = list(hidden_field.keys())
field_contains_key = dict_contains_key
field_get_key = str
if isinstance(definition, list):
# Sort with reverse=true so that when we delete an item from the list, the order is not changed
hidden_keys = sorted(
[k for k in hidden_field.keys() if k.isdecimal()], reverse=True
)
field_contains_key = list_contains_key
field_get_key = int
for key in hidden_keys:
if field_contains_key(definition, key):
value = hidden_field.get(key)
convert_key = field_get_key(key)
if value is None:
del definition[convert_key]
else:
definition[convert_key] = hide_field(definition[convert_key], value)
if (
definition[convert_key] == dict()
or definition[convert_key] == list()
):
del definition[convert_key]
return definition
def hide_fields(
definition: Dict[str, Any], hidden_fields: Optional[List[str]]
) -> Dict[str, Any]:
if not hidden_fields:
return definition
result = copy.deepcopy(definition)
hidden_field_tree = build_hidden_field_tree(hidden_fields)
return hide_field(result, hidden_field_tree)
def decode_response(resp) -> Tuple[Dict, List[str]]:
"""
This function decodes unserialized responses from the Kubernetes python
client and decodes the RFC2616 14.46 warnings found in the response
headers.
"""
obj = ResourceInstance(None, loads(resp.data.decode("utf8"))).to_dict()
warnings = []
if (
resp.headers is not None
and "warning" in resp.headers
and resp.headers["warning"] is not None
):
warnings = resp.headers["warning"].split(", ")
return obj, decode_warnings(warnings)
def decode_warnings(warnings: str) -> List[str]:
"""
This function decodes RFC2616 14.46 warnings in a simplified way, where
only the warn-texts are returned in a list.
"""
p = compile('\\d{3} .+ (".+")')
decoded = []
for warning in warnings:
m = p.match(warning)
if m:
try:
parsed, unused = parse_quoted_string(m.group(1))
decoded.append(parsed)
except ValueError:
continue
return decoded
def parse_quoted_string(quoted_string: str) -> Tuple[str, str]:
"""
This function was adapted from:
https://github.com/kubernetes/apimachinery/blob/bb8822152cabfb4f34dbc26270f874ce53db50de/pkg/util/net/http.go#L609
"""
if len(quoted_string) == 0:
raise ValueError("invalid quoted string: 0-length")
if quoted_string[0] != '"':
raise ValueError("invalid quoted string: missing initial quote")
quoted_string = quoted_string[1:]
remainder = ""
escaping = False
closed_quote = False
result = []
for i, b in enumerate(quoted_string):
if b == '"':
if escaping:
result.append(b)
escaping = False
else:
closed_quote = True
remainder_start = i + 1
remainder = quoted_string[remainder_start:].strip()
break
elif b == "\\":
if escaping:
result.append(b)
escaping = False
else:
escaping = True
else:
result.append(b)
escaping = False
if not closed_quote:
raise ValueError("invalid quoted string: missing closing quote")
return "".join(result), remainder
# hide_field_split2 returns the first key in hidden_field and the rest of the hidden_field
# We expect the first key to either be in brackets, to be terminated by the start of a left
# bracket, or to be terminated by a dot.
# examples would be:
# field.another.next -> (field, another.next)
# field[key].value -> (field, [key].value)
# [key].value -> (key, value)
# [one][two] -> (one, [two])
def hide_field_split2(hidden_field: str) -> Tuple[str, str]:
lbracket = hidden_field.find("[")
rbracket = hidden_field.find("]")
dot = hidden_field.find(".")
if lbracket == 0:
# skip past right bracket and any following dot
rest = hidden_field[rbracket + 1 :] # noqa: E203
if rest and rest[0] == ".":
rest = rest[1:]
return (hidden_field[lbracket + 1 : rbracket], rest) # noqa: E203
if lbracket != -1 and (dot == -1 or lbracket < dot):
return (hidden_field[:lbracket], hidden_field[lbracket:])
split = hidden_field.split(".", 1)
if len(split) == 1:
return split[0], ""
return split

33
plugins/module_utils/k8s/waiter.py
View File

@@ -3,7 +3,6 @@ from functools import partial
from typing import Any, Callable, Dict, Iterator, List, Optional, Tuple, Union from typing import Any, Callable, Dict, Iterator, List, Optional, Tuple, Union
from ansible.module_utils.parsing.convert_bool import boolean from ansible.module_utils.parsing.convert_bool import boolean
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
@@ -52,7 +51,7 @@ def daemonset_ready(daemonset: ResourceInstance) -> bool:
return bool( return bool(
daemonset.status daemonset.status
and daemonset.status.desiredNumberScheduled is not None and daemonset.status.desiredNumberScheduled is not None
and daemonset.status.updatedNumberScheduled and (daemonset.status.updatedNumberScheduled or 0)
== daemonset.status.desiredNumberScheduled == daemonset.status.desiredNumberScheduled
and daemonset.status.numberReady == daemonset.status.desiredNumberScheduled and daemonset.status.numberReady == daemonset.status.desiredNumberScheduled
and daemonset.status.observedGeneration == daemonset.metadata.generation and daemonset.status.observedGeneration == daemonset.metadata.generation
@@ -61,6 +60,13 @@ def daemonset_ready(daemonset: ResourceInstance) -> bool:
def statefulset_ready(statefulset: ResourceInstance) -> bool: def statefulset_ready(statefulset: ResourceInstance) -> bool:
if statefulset.spec.updateStrategy.type == "OnDelete":
return bool(
statefulset.status
and statefulset.status.observedGeneration
== (statefulset.metadata.generation or 0)
and statefulset.status.replicas == statefulset.spec.replicas
)
# These may be None # These may be None
updated_replicas = statefulset.status.updatedReplicas or 0 updated_replicas = statefulset.status.updatedReplicas or 0
ready_replicas = statefulset.status.readyReplicas or 0 ready_replicas = statefulset.status.readyReplicas or 0
@@ -111,11 +117,34 @@ def exists(resource: Optional[ResourceInstance]) -> bool:
return bool(resource) and not empty_list(resource) return bool(resource) and not empty_list(resource)
def cluster_operator_ready(resource: ResourceInstance) -> bool:
"""
Predicate to check if a single ClusterOperator is healthy.
Returns True if:
- "Available" is True
- "Degraded" is False
- "Progressing" is False
"""
if not resource:
return False
# Extract conditions from the resource's status
conditions = resource.get("status", {}).get("conditions", [])
status = {x.get("type", ""): x.get("status") for x in conditions}
return (
(status.get("Degraded") == "False")
and (status.get("Progressing") == "False")
and (status.get("Available") == "True")
)
RESOURCE_PREDICATES = { RESOURCE_PREDICATES = {
"DaemonSet": daemonset_ready, "DaemonSet": daemonset_ready,
"Deployment": deployment_ready, "Deployment": deployment_ready,
"Pod": pod_ready, "Pod": pod_ready,
"StatefulSet": statefulset_ready, "StatefulSet": statefulset_ready,
"ClusterOperator": cluster_operator_ready,
} }

3
plugins/module_utils/k8sdynamicclient.py
View File

@@ -18,12 +18,11 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
from kubernetes.dynamic import DynamicClient
from ansible_collections.kubernetes.core.plugins.module_utils.apply import k8s_apply from ansible_collections.kubernetes.core.plugins.module_utils.apply import k8s_apply
from ansible_collections.kubernetes.core.plugins.module_utils.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.exceptions import (
ApplyException, ApplyException,
) )
from kubernetes.dynamic import DynamicClient
class K8SDynamicClient(DynamicClient): class K8SDynamicClient(DynamicClient):

1
plugins/module_utils/selector.py
View File

@@ -16,7 +16,6 @@ import re
class Selector(object): class Selector(object):
equality_based_operators = ("==", "!=", "=") equality_based_operators = ("==", "!=", "=")
def __init__(self, data): def __init__(self, data):

253
plugins/modules/helm.py
View File

@@ -14,7 +14,7 @@ module: helm
short_description: Manages Kubernetes packages with the Helm package manager short_description: Manages Kubernetes packages with the Helm package manager
version_added: "0.11.0" version_added: 0.11.0
author: author:
- Lucas Boisserie (@LucasBoisserie) - Lucas Boisserie (@LucasBoisserie)
@@ -61,7 +61,7 @@ options:
default: false default: false
type: bool type: bool
aliases: [ dep_up ] aliases: [ dep_up ]
version_added: "2.4.0" version_added: 2.4.0
release_name: release_name:
description: description:
- Release name to manage. - Release name to manage.
@@ -99,7 +99,7 @@ options:
default: [] default: []
type: list type: list
elements: str elements: str
version_added: '1.1.0' version_added: 1.1.0
update_repo_cache: update_repo_cache:
description: description:
- Run C(helm repo update) before the operation. Can be run as part of the package installation or as a separate step (see Examples). - Run C(helm repo update) before the operation. Can be run as part of the package installation or as a separate step (see Examples).
@@ -129,7 +129,32 @@ options:
- string - string
- json - json
- file - file
version_added: '2.4.0' version_added: 2.4.0
reuse_values:
description:
- When upgrading package, specifies wether to reuse the last release's values and merge in any overrides from parameters I(release_values),
I(values_files) or I(set_values).
- If I(reset_values) is set to C(True), this is ignored.
type: bool
required: false
version_added: 3.0.0
reset_values:
description:
- When upgrading package, reset the values to the ones built into the chart.
type: bool
required: false
default: True
version_added: 3.0.0
reset_then_reuse_values:
description:
- When upgrading package, reset the values to the ones built into the chart, apply the last release's values and merge in any overrides from
parameters O(release_values), O(values_files) or O(set_values).
- If O(reset_values) or O(reuse_values) is set to V(True), this is ignored.
- This feature requires helm diff >= 3.9.12.
type: bool
required: false
default: False
version_added: 6.0.0
#Helm options #Helm options
disable_hook: disable_hook:
@@ -166,7 +191,7 @@ options:
- similar to C(wait_timeout) but does not required C(wait) to be activated. - similar to C(wait_timeout) but does not required C(wait) to be activated.
- Mutually exclusive with C(wait_timeout). - Mutually exclusive with C(wait_timeout).
type: str type: str
version_added: "2.3.0" version_added: 2.3.0
atomic: atomic:
description: description:
- If set, the installation process deletes the installation on failure. - If set, the installation process deletes the installation on failure.
@@ -177,12 +202,12 @@ options:
- Create the release namespace if not present. - Create the release namespace if not present.
type: bool type: bool
default: False default: False
version_added: "0.11.1" version_added: 0.11.1
post_renderer: post_renderer:
description: description:
- Path to an executable to be used for post rendering. - Path to an executable to be used for post rendering.
type: str type: str
version_added: "2.4.0" version_added: 2.4.0
replace: replace:
description: description:
- Reuse the given name, only if that name is a deleted release which remains in the history. - Reuse the given name, only if that name is a deleted release which remains in the history.
@@ -190,19 +215,28 @@ options:
- mutually exclusive with with C(history_max). - mutually exclusive with with C(history_max).
type: bool type: bool
default: False default: False
version_added: "1.11.0" version_added: 1.11.0
skip_crds: skip_crds:
description: description:
- Skip custom resource definitions when installing or upgrading. - Skip custom resource definitions when installing or upgrading.
type: bool type: bool
default: False default: False
version_added: "1.2.0" version_added: 1.2.0
history_max: history_max:
description: description:
- Limit the maximum number of revisions saved per release. - Limit the maximum number of revisions saved per release.
- mutually exclusive with with C(replace). - mutually exclusive with with C(replace).
type: int type: int
version_added: "2.2.0" version_added: 2.2.0
insecure_skip_tls_verify:
description:
- Skip tls certificate checks for the chart download.
- Do not confuse with the C(validate_certs) option.
- This option is only available for helm >= 3.16.0.
type: bool
default: False
aliases: [ skip_tls_certs_check ]
version_added: 5.3.0
extends_documentation_fragment: extends_documentation_fragment:
- kubernetes.core.helm_common_options - kubernetes.core.helm_common_options
""" """
@@ -310,6 +344,17 @@ EXAMPLES = r"""
enabled: True enabled: True
logging: logging:
enabled: True enabled: True
# Deploy latest version
- name: Deploy latest version of Grafana chart using reuse_values
kubernetes.core.helm:
name: test
chart_ref: stable/grafana
release_namespace: monitoring
reuse_values: true
values:
replicas: 2
version: 3e8ec0b2dffa40fb97d5342e4af887de95faa8c61a62480dd7f8aa03dffcf533
""" """
RETURN = r""" RETURN = r"""
@@ -367,10 +412,11 @@ command:
sample: helm upgrade ... sample: helm upgrade ...
""" """
import copy
import re import re
import tempfile import tempfile
import traceback import traceback
import copy
from ansible_collections.kubernetes.core.plugins.module_utils.version import ( from ansible_collections.kubernetes.core.plugins.module_utils.version import (
LooseVersion, LooseVersion,
) )
@@ -406,14 +452,20 @@ def get_release(state, release_name):
return None return None
def get_release_status(module, release_name): def get_release_status(module, release_name, all_status=False):
""" """
Get Release state from deployed release Get Release state from all release status (deployed, failed, pending-install, etc)
""" """
list_command = ( list_command = [
module.get_helm_binary() + " list --output=yaml --filter " + release_name module.get_helm_binary(),
) "list",
"--output=yaml",
"--filter",
release_name,
]
if all_status:
list_command.append("--all")
rc, out, err = module.run_helm_command(list_command) rc, out, err = module.run_helm_command(list_command)
@@ -439,15 +491,18 @@ def run_dep_update(module, chart_ref):
""" """
Run dependency update Run dependency update
""" """
dep_update = module.get_helm_binary() + " dependency update " + chart_ref dep_update = module.get_helm_binary() + f" dependency update '{chart_ref}'"
rc, out, err = module.run_helm_command(dep_update) rc, out, err = module.run_helm_command(dep_update)
def fetch_chart_info(module, command, chart_ref): def fetch_chart_info(module, command, chart_ref, insecure_skip_tls_verify=False):
""" """
Get chart info Get chart info
""" """
inspect_command = command + " show chart " + chart_ref inspect_command = command + f" show chart '{chart_ref}'"
if insecure_skip_tls_verify:
inspect_command += " --insecure-skip-tls-verify"
rc, out, err = module.run_helm_command(inspect_command) rc, out, err = module.run_helm_command(inspect_command)
@@ -455,6 +510,7 @@ def fetch_chart_info(module, command, chart_ref):
def deploy( def deploy(
module,
command, command,
release_name, release_name,
release_values, release_values,
@@ -473,6 +529,10 @@ def deploy(
timeout=None, timeout=None,
dependency_update=None, dependency_update=None,
set_value_args=None, set_value_args=None,
reuse_values=None,
reset_values=True,
reset_then_reuse_values=False,
insecure_skip_tls_verify=False,
): ):
""" """
Install/upgrade/rollback release chart Install/upgrade/rollback release chart
@@ -484,9 +544,22 @@ def deploy(
deploy_command += " --dependency-update" deploy_command += " --dependency-update"
else: else:
deploy_command = command + " upgrade -i" # install/upgrade deploy_command = command + " upgrade -i" # install/upgrade
if reset_values:
deploy_command += " --reset-values"
# Always reset values to keep release_values equal to values released if reuse_values is not None:
deploy_command += " --reset-values" deploy_command += " --reuse-values=" + str(reuse_values)
if reset_then_reuse_values:
helm_version = module.get_helm_version()
if LooseVersion(helm_version) < LooseVersion("3.14.0"):
module.fail_json(
msg="reset_then_reuse_values requires helm >= 3.14.0, current version is {0}".format(
helm_version
)
)
else:
deploy_command += " --reset-then-reuse-values"
if wait: if wait:
deploy_command += " --wait" deploy_command += " --wait"
@@ -511,6 +584,17 @@ def deploy(
if create_namespace: if create_namespace:
deploy_command += " --create-namespace" deploy_command += " --create-namespace"
if insecure_skip_tls_verify:
helm_version = module.get_helm_version()
if LooseVersion(helm_version) < LooseVersion("3.16.0"):
module.fail_json(
msg="insecure_skip_tls_verify requires helm >= 3.16.0, current version is {0}".format(
helm_version
)
)
else:
deploy_command += " --insecure-skip-tls-verify"
if values_files: if values_files:
for value_file in values_files: for value_file in values_files:
deploy_command += " --values=" + value_file deploy_command += " --values=" + value_file
@@ -520,9 +604,10 @@ def deploy(
with open(path, "w") as yaml_file: with open(path, "w") as yaml_file:
yaml.dump(release_values, yaml_file, default_flow_style=False) yaml.dump(release_values, yaml_file, default_flow_style=False)
deploy_command += " -f=" + path deploy_command += " -f=" + path
module.add_cleanup_file(path)
if post_renderer: if post_renderer:
deploy_command = " --post-renderer=" + post_renderer deploy_command += " --post-renderer=" + post_renderer
if skip_crds: if skip_crds:
deploy_command += " --skip-crds" deploy_command += " --skip-crds"
@@ -533,7 +618,7 @@ def deploy(
if set_value_args: if set_value_args:
deploy_command += " " + set_value_args deploy_command += " " + set_value_args
deploy_command += " " + release_name + " " + chart_name deploy_command += " " + release_name + f" '{chart_name}'"
return deploy_command return deploy_command
@@ -599,6 +684,12 @@ def helmdiff_check(
chart_version=None, chart_version=None,
replace=False, replace=False,
chart_repo_url=None, chart_repo_url=None,
post_renderer=False,
set_value_args=None,
reuse_values=None,
reset_values=True,
reset_then_reuse_values=False,
insecure_skip_tls_verify=False,
): ):
""" """
Use helm diff to determine if a release would change by upgrading a chart. Use helm diff to determine if a release would change by upgrading a chart.
@@ -612,7 +703,13 @@ def helmdiff_check(
if chart_version is not None: if chart_version is not None:
cmd += " " + "--version=" + chart_version cmd += " " + "--version=" + chart_version
if not replace: if not replace:
cmd += " " + "--reset-values" cmd += " " + "--reset-values=" + str(reset_values)
if post_renderer:
cmd += " --post-renderer=" + post_renderer
if values_files:
for value_file in values_files:
cmd += " --values=" + value_file
if release_values != {}: if release_values != {}:
fd, path = tempfile.mkstemp(suffix=".yml") fd, path = tempfile.mkstemp(suffix=".yml")
@@ -621,9 +718,32 @@ def helmdiff_check(
cmd += " -f=" + path cmd += " -f=" + path
module.add_cleanup_file(path) module.add_cleanup_file(path)
if values_files: if set_value_args:
for values_file in values_files: cmd += " " + set_value_args
cmd += " -f=" + values_file
if reuse_values:
cmd += " --reuse-values"
if reset_then_reuse_values:
helm_diff_version = get_plugin_version("diff")
helm_version = module.get_helm_version()
fail_msg = ""
if LooseVersion(helm_diff_version) < LooseVersion("3.9.12"):
fail_msg = "reset_then_reuse_values requires helm diff >= 3.9.12, current version is {0}\n".format(
helm_diff_version
)
if LooseVersion(helm_version) < LooseVersion("3.14.0"):
fail_msg += "reset_then_reuse_values requires helm >= 3.14.0, current version is {0}\n".format(
helm_version
)
if fail_msg:
module.fail_json(msg=fail_msg)
else:
cmd += " --reset-then-reuse-values"
if insecure_skip_tls_verify:
cmd += " --insecure-skip-tls-verify"
rc, out, err = module.run_helm_command(cmd) rc, out, err = module.run_helm_command(cmd)
return (len(out.strip()) > 0, out.strip()) return (len(out.strip()) > 0, out.strip())
@@ -682,6 +802,12 @@ def argument_spec():
skip_crds=dict(type="bool", default=False), skip_crds=dict(type="bool", default=False),
history_max=dict(type="int"), history_max=dict(type="int"),
set_values=dict(type="list", elements="dict"), set_values=dict(type="list", elements="dict"),
reuse_values=dict(type="bool"),
reset_values=dict(type="bool", default=True),
reset_then_reuse_values=dict(type="bool", default=False),
insecure_skip_tls_verify=dict(
type="bool", default=False, aliases=["skip_tls_certs_check"]
),
) )
) )
return arg_spec return arg_spec
@@ -732,34 +858,40 @@ def main():
history_max = module.params.get("history_max") history_max = module.params.get("history_max")
timeout = module.params.get("timeout") timeout = module.params.get("timeout")
set_values = module.params.get("set_values") set_values = module.params.get("set_values")
reuse_values = module.params.get("reuse_values")
reset_values = module.params.get("reset_values")
reset_then_reuse_values = module.params.get("reset_then_reuse_values")
insecure_skip_tls_verify = module.params.get("insecure_skip_tls_verify")
if update_repo_cache: if update_repo_cache:
run_repo_update(module) run_repo_update(module)
# Get real/deployed release status # Get real/deployed release status
release_status = get_release_status(module, release_name) all_status = release_state == "absent"
release_status = get_release_status(module, release_name, all_status=all_status)
helm_cmd = module.get_helm_binary() helm_cmd = module.get_helm_binary()
opt_result = {} opt_result = {}
if release_state == "absent" and release_status is not None: if release_state == "absent" and release_status is not None:
if replace: # skip release statuses 'uninstalled' and 'uninstalling'
module.fail_json(msg="replace is not applicable when state is absent") if not release_status["status"].startswith("uninstall"):
if replace:
module.fail_json(msg="replace is not applicable when state is absent")
if wait: if wait:
helm_version = module.get_helm_version() helm_version = module.get_helm_version()
if LooseVersion(helm_version) < LooseVersion("3.7.0"): if LooseVersion(helm_version) < LooseVersion("3.7.0"):
opt_result["warnings"] = [] opt_result["warnings"] = []
opt_result["warnings"].append( opt_result["warnings"].append(
"helm uninstall support option --wait for helm release >= 3.7.0" "helm uninstall support option --wait for helm release >= 3.7.0"
) )
wait = False wait = False
helm_cmd = delete( helm_cmd = delete(
helm_cmd, release_name, purge, disable_hook, wait, wait_timeout helm_cmd, release_name, purge, disable_hook, wait, wait_timeout
) )
changed = True changed = True
elif release_state == "present": elif release_state == "present":
if chart_version is not None: if chart_version is not None:
helm_cmd += " --version=" + chart_version helm_cmd += " --version=" + chart_version
@@ -767,7 +899,9 @@ def main():
helm_cmd += " --repo=" + chart_repo_url helm_cmd += " --repo=" + chart_repo_url
# Fetch chart info to have real version and real name for chart_ref from archive, folder or url # Fetch chart info to have real version and real name for chart_ref from archive, folder or url
chart_info = fetch_chart_info(module, helm_cmd, chart_ref) chart_info = fetch_chart_info(
module, helm_cmd, chart_ref, insecure_skip_tls_verify
)
if dependency_update: if dependency_update:
if chart_info.get("dependencies"): if chart_info.get("dependencies"):
@@ -799,12 +933,13 @@ def main():
"Please consider add dependencies block or disable dependency_update to remove this warning." "Please consider add dependencies block or disable dependency_update to remove this warning."
) )
if release_status is None: # Not installed set_value_args = None
set_value_args = None if set_values:
if set_values: set_value_args = module.get_helm_set_values_args(set_values)
set_value_args = module.get_helm_set_values_args(set_values)
if release_status is None: # Not installed
helm_cmd = deploy( helm_cmd = deploy(
module,
helm_cmd, helm_cmd,
release_name, release_name,
release_values, release_values,
@@ -823,11 +958,14 @@ def main():
history_max=history_max, history_max=history_max,
timeout=timeout, timeout=timeout,
set_value_args=set_value_args, set_value_args=set_value_args,
reuse_values=reuse_values,
reset_values=reset_values,
reset_then_reuse_values=reset_then_reuse_values,
insecure_skip_tls_verify=insecure_skip_tls_verify,
) )
changed = True changed = True
else: else:
helm_diff_version = get_plugin_version("diff") helm_diff_version = get_plugin_version("diff")
if helm_diff_version and ( if helm_diff_version and (
not chart_repo_url not chart_repo_url
@@ -845,6 +983,12 @@ def main():
chart_version, chart_version,
replace, replace,
chart_repo_url, chart_repo_url,
post_renderer,
set_value_args,
reuse_values=reuse_values,
reset_values=reset_values,
reset_then_reuse_values=reset_then_reuse_values,
insecure_skip_tls_verify=insecure_skip_tls_verify,
) )
if would_change and module._diff: if would_change and module._diff:
opt_result["diff"] = {"prepared": prepared} opt_result["diff"] = {"prepared": prepared}
@@ -858,11 +1002,8 @@ def main():
) )
if force or would_change: if force or would_change:
set_value_args = None
if set_values:
set_value_args = module.get_helm_set_values_args(set_values)
helm_cmd = deploy( helm_cmd = deploy(
module,
helm_cmd, helm_cmd,
release_name, release_name,
release_values, release_values,
@@ -881,6 +1022,10 @@ def main():
timeout=timeout, timeout=timeout,
dependency_update=dependency_update, dependency_update=dependency_update,
set_value_args=set_value_args, set_value_args=set_value_args,
reuse_values=reuse_values,
reset_values=reset_values,
reset_then_reuse_values=reset_then_reuse_values,
insecure_skip_tls_verify=insecure_skip_tls_verify,
) )
changed = True changed = True
@@ -914,7 +1059,7 @@ def main():
changed=changed, changed=changed,
stdout=out, stdout=out,
stderr=err, stderr=err,
status=get_release_status(module, release_name), status=get_release_status(module, release_name, all_status=True),
command=helm_cmd, command=helm_cmd,
**opt_result, **opt_result,
) )

14
plugins/modules/helm_info.py
View File

@@ -14,7 +14,7 @@ module: helm_info
short_description: Get information from Helm package deployed inside the cluster short_description: Get information from Helm package deployed inside the cluster
version_added: "0.11.0" version_added: 0.11.0
author: author:
- Lucas Boisserie (@LucasBoisserie) - Lucas Boisserie (@LucasBoisserie)
@@ -53,7 +53,7 @@ options:
type: list type: list
elements: str elements: str
default: [] default: []
version_added: "2.3.0" version_added: 2.3.0
get_all_values: get_all_values:
description: description:
- Set to C(True) if you want to get all (computed) values of the release. - Set to C(True) if you want to get all (computed) values of the release.
@@ -61,7 +61,7 @@ options:
required: false required: false
default: false default: false
type: bool type: bool
version_added: "2.4.0" version_added: 2.4.0
extends_documentation_fragment: extends_documentation_fragment:
- kubernetes.core.helm_common_options - kubernetes.core.helm_common_options
""" """
@@ -123,22 +123,22 @@ status:
elements: dict elements: dict
description: Hooks of the release description: Hooks of the release
returned: always returned: always
version_added: "2.4.0" version_added: 2.4.0
notes: notes:
type: str type: str
description: Notes of the release description: Notes of the release
returned: always returned: always
version_added: "2.4.0" version_added: 2.4.0
manifest: manifest:
type: list type: list
elements: dict elements: dict
description: Manifest of the release description: Manifest of the release
returned: always returned: always
version_added: "2.4.0" version_added: 2.4.0
""" """
import traceback
import copy import copy
import traceback
try: try:
import yaml import yaml

5
plugins/modules/helm_plugin.py
View File

@@ -12,7 +12,7 @@ DOCUMENTATION = r"""
--- ---
module: helm_plugin module: helm_plugin
short_description: Manage Helm plugins short_description: Manage Helm plugins
version_added: "1.0.0" version_added: 1.0.0
author: author:
- Abhijeet Kasurde (@Akasurde) - Abhijeet Kasurde (@Akasurde)
requirements: requirements:
@@ -47,7 +47,7 @@ options:
- Ignored when C(state=absent) or C(state=latest). - Ignored when C(state=absent) or C(state=latest).
required: false required: false
type: str type: str
version_added: "2.3.0" version_added: 2.3.0
extends_documentation_fragment: extends_documentation_fragment:
- kubernetes.core.helm_common_options - kubernetes.core.helm_common_options
""" """
@@ -109,6 +109,7 @@ rc:
""" """
import copy import copy
from ansible_collections.kubernetes.core.plugins.module_utils.helm import ( from ansible_collections.kubernetes.core.plugins.module_utils.helm import (
AnsibleHelmModule, AnsibleHelmModule,
parse_helm_plugin_list, parse_helm_plugin_list,

6
plugins/modules/helm_plugin_info.py
View File

@@ -12,7 +12,7 @@ DOCUMENTATION = r"""
--- ---
module: helm_plugin_info module: helm_plugin_info
short_description: Gather information about Helm plugins short_description: Gather information about Helm plugins
version_added: "1.0.0" version_added: 1.0.0
author: author:
- Abhijeet Kasurde (@Akasurde) - Abhijeet Kasurde (@Akasurde)
requirements: requirements:
@@ -71,9 +71,10 @@ rc:
""" """
import copy import copy
from ansible_collections.kubernetes.core.plugins.module_utils.helm import ( from ansible_collections.kubernetes.core.plugins.module_utils.helm import (
parse_helm_plugin_list,
AnsibleHelmModule, AnsibleHelmModule,
parse_helm_plugin_list,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.helm_args_common import ( from ansible_collections.kubernetes.core.plugins.module_utils.helm_args_common import (
HELM_AUTH_ARG_SPEC, HELM_AUTH_ARG_SPEC,
@@ -82,7 +83,6 @@ from ansible_collections.kubernetes.core.plugins.module_utils.helm_args_common i
def main(): def main():
argument_spec = copy.deepcopy(HELM_AUTH_ARG_SPEC) argument_spec = copy.deepcopy(HELM_AUTH_ARG_SPEC)
argument_spec.update( argument_spec.update(
dict( dict(

11
plugins/modules/helm_pull.py
View File

@@ -12,7 +12,7 @@ DOCUMENTATION = r"""
--- ---
module: helm_pull module: helm_pull
short_description: download a chart from a repository and (optionally) unpack it in local directory. short_description: download a chart from a repository and (optionally) unpack it in local directory.
version_added: "2.4.0" version_added: 2.4.0
author: author:
- Aubin Bikouo (@abikouo) - Aubin Bikouo (@abikouo)
description: description:
@@ -75,9 +75,10 @@ options:
skip_tls_certs_check: skip_tls_certs_check:
description: description:
- Whether or not to check tls certificate for the chart download. - Whether or not to check tls certificate for the chart download.
- Requires helm >= 3.3.0. - Requires helm >= 3.3.0. Alias C(insecure_skip_tls_verify) added in 5.3.0.
type: bool type: bool
default: False default: False
aliases: [ insecure_skip_tls_verify ]
chart_devel: chart_devel:
description: description:
- Use development versions, too. Equivalent to version '>0.0.0-0'. - Use development versions, too. Equivalent to version '>0.0.0-0'.
@@ -189,8 +190,10 @@ def main():
repo_password=dict( repo_password=dict(
type="str", no_log=True, aliases=["password", "chart_repo_password"] type="str", no_log=True, aliases=["password", "chart_repo_password"]
), ),
pass_credentials=dict(type="bool", default=False), pass_credentials=dict(type="bool", default=False, no_log=False),
skip_tls_certs_check=dict(type="bool", default=False), skip_tls_certs_check=dict(
type="bool", default=False, aliases=["insecure_skip_tls_verify"]
),
chart_devel=dict(type="bool"), chart_devel=dict(type="bool"),
untar_chart=dict(type="bool", default=False), untar_chart=dict(type="bool", default=False),
destination=dict(type="path", required=True), destination=dict(type="path", required=True),

249
plugins/modules/helm_registry_auth.py Normal file
View File

@@ -0,0 +1,249 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright: © Ericsson AB 2024
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = r"""
---
module: helm_registry_auth
short_description: Helm registry authentication module
version_added: 5.1.0
author:
- Yuriy Novostavskiy (@yurnov)
requirements:
- "helm (https://github.com/helm/helm/releases) => 3.8.0"
description:
- Helm registry authentication module allows you to login C(helm registry login) and logout C(helm registry logout) from a Helm registry.
options:
state:
description:
- Desired state of the registry.
- If set to V(present) attempt to log in to the remote registry server using the URL specified in O(host).
- If set to V(absent) attempt to log out from the remote registry server using the URL specified in O(host).
- As helm >= 3.18.0 reports successful logout even if the user is not logged in, this module will report a change regardless of the current state.
required: false
default: present
choices: ['present', 'absent']
type: str
host:
description:
- Provide a URL for accessing the registry.
required: true
aliases: [ registry_url ]
type: str
insecure:
description:
- Allow connections to SSL sites without certs.
required: false
default: false
type: bool
username:
description:
- Username for the registry.
required: false
type: str
aliases: [ repo_username ]
password:
description:
- Password for the registry.
required: false
type: str
aliases: [ repo_password ]
key_file:
description:
- Path to the client key SSL file for identify registry client using this key file.
required: false
type: path
cert_file:
description:
- Path to the client certificate SSL file for identify registry client using this certificate file.
required: false
type: path
ca_file:
description:
- Path to the CA certificate SSL file for verify registry server certificate.
required: false
type: path
binary_path:
description:
- The path of a helm binary to use.
required: false
type: path
"""
EXAMPLES = r"""
- name: Login to remote registry
kubernetes.core.helm_registry_auth:
username: admin
password: "sample_password"
host: localhost:5000
- name: Logout from remote registry
kubernetes.core.helm_registry_auth:
state: absent
host: localhost:5000
"""
RETURN = r"""
stdout:
type: str
description: Full C(helm) command stdout, in case you want to display it or examine the event log
returned: always
stout_lines:
type: list
description: Full C(helm) command stdout, in case you want to display it or examine the event log
returned: always
stderr:
type: str
description: >-
Full C(helm) command stderr, in case you want to display it or examine the event log.
Please be note that helm binnary may print messages to stderr even if the command is successful.
returned: always
sample: 'Login Succeeded\n'
stderr_lines:
type: list
description: Full C(helm) command stderr, in case you want to display it or examine the event log
returned: always
command:
type: str
description: Full C(helm) command executed
returned: always
sample: '/usr/local/bin/helm registry login oci-registry.domain.example --username=admin --password-stdin --insecure'
failed:
type: bool
description: Indicate if the C(helm) command failed
returned: always
sample: false
"""
from ansible_collections.kubernetes.core.plugins.module_utils.helm import (
AnsibleHelmModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.version import (
LooseVersion,
)
def arg_spec():
return dict(
binary_path=dict(type="path", required=False),
host=dict(type="str", aliases=["registry_url"], required=True),
state=dict(default="present", choices=["present", "absent"], required=False),
insecure=dict(type="bool", default=False, required=False),
username=dict(type="str", aliases=["repo_username"], required=False),
password=dict(
type="str", aliases=["repo_password"], no_log=True, required=False
),
key_file=dict(type="path", required=False),
cert_file=dict(type="path", required=False),
ca_file=dict(type="path", required=False),
)
def login(
command,
host,
insecure,
username,
password,
key_file,
cert_file,
ca_file,
):
login_command = command + " registry login " + host
if username is not None and password is not None:
login_command += " --username=" + username + " --password-stdin"
if insecure:
login_command += " --insecure"
if key_file is not None:
login_command += " --key-file=" + key_file
if cert_file is not None:
login_command += " --cert-file=" + cert_file
if ca_file is not None:
login_command += " --ca-file=" + ca_file
return login_command
def logout(command, host):
return command + " registry logout " + host
def main():
global module
module = AnsibleHelmModule(
argument_spec=arg_spec(),
required_together=[["username", "password"]],
supports_check_mode=True,
)
changed = False
host = module.params.get("host")
state = module.params.get("state")
insecure = module.params.get("insecure")
username = module.params.get("username")
password = module.params.get("password")
key_file = module.params.get("key_file")
cert_file = module.params.get("cert_file")
ca_file = module.params.get("ca_file")
helm_cmd = module.get_helm_binary()
if state == "absent":
helm_cmd = logout(helm_cmd, host)
changed = True
elif state == "present":
helm_cmd = login(
helm_cmd, host, insecure, username, password, key_file, cert_file, ca_file
)
changed = True
if module.check_mode:
module.exit_json(changed=changed, command=helm_cmd)
rc, out, err = module.run_helm_command(
helm_cmd, data=password, fails_on_error=False
)
if rc != 0:
if state == "absent" and "Error: not logged in" in err:
changed = False
else:
module.fail_json(
msg="Failure when executing Helm command. Exited {0}.\nstdout: {1}\nstderr: {2}".format(
rc, out, err
),
stderr=err,
command=helm_cmd,
)
helm_version = module.get_helm_version()
if LooseVersion(helm_version) >= LooseVersion("3.18.0") and state == "absent":
# https://github.com/ansible-collections/kubernetes.core/issues/944
module.warn(
"The helm_registry_auth is not idempotent with helm >= 3.18.0, always report a change."
)
module.exit_json(changed=changed, stdout=out, stderr=err, command=helm_cmd)
if __name__ == "__main__":
main()

34
plugins/modules/helm_repository.py
View File

@@ -14,7 +14,7 @@ module: helm_repository
short_description: Manage Helm repositories. short_description: Manage Helm repositories.
version_added: "0.11.0" version_added: 0.11.0
author: author:
- Lucas Boisserie (@LucasBoisserie) - Lucas Boisserie (@LucasBoisserie)
@@ -76,12 +76,12 @@ options:
description: description:
- Provide a URL for accessing the API. Can also be specified via C(K8S_AUTH_HOST) environment variable. - Provide a URL for accessing the API. Can also be specified via C(K8S_AUTH_HOST) environment variable.
type: str type: str
version_added: "2.3.0" version_added: 2.3.0
api_key: api_key:
description: description:
- Token used to authenticate with the API. Can also be specified via C(K8S_AUTH_API_KEY) environment variable. - Token used to authenticate with the API. Can also be specified via C(K8S_AUTH_API_KEY) environment variable.
type: str type: str
version_added: "2.3.0" version_added: 2.3.0
validate_certs: validate_certs:
description: description:
- Whether or not to verify the API server's SSL certificates. Can also be specified via C(K8S_AUTH_VERIFY_SSL) - Whether or not to verify the API server's SSL certificates. Can also be specified via C(K8S_AUTH_VERIFY_SSL)
@@ -89,21 +89,21 @@ options:
type: bool type: bool
aliases: [ verify_ssl ] aliases: [ verify_ssl ]
default: True default: True
version_added: "2.3.0" version_added: 2.3.0
ca_cert: ca_cert:
description: description:
- Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to - Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to
avoid certificate validation errors. Can also be specified via C(K8S_AUTH_SSL_CA_CERT) environment variable. avoid certificate validation errors. Can also be specified via C(K8S_AUTH_SSL_CA_CERT) environment variable.
type: path type: path
aliases: [ ssl_ca_cert ] aliases: [ ssl_ca_cert ]
version_added: "2.3.0" version_added: 2.3.0
context: context:
description: description:
- Helm option to specify which kubeconfig context to use. - Helm option to specify which kubeconfig context to use.
- If the value is not specified in the task, the value of environment variable C(K8S_AUTH_CONTEXT) will be used instead. - If the value is not specified in the task, the value of environment variable C(K8S_AUTH_CONTEXT) will be used instead.
type: str type: str
aliases: [ kube_context ] aliases: [ kube_context ]
version_added: "2.4.0" version_added: 2.4.0
kubeconfig: kubeconfig:
description: description:
- Helm option to specify kubeconfig path to use. - Helm option to specify kubeconfig path to use.
@@ -111,14 +111,21 @@ options:
- The configuration can be provided as dictionary. - The configuration can be provided as dictionary.
type: raw type: raw
aliases: [ kubeconfig_path ] aliases: [ kubeconfig_path ]
version_added: "2.4.0" version_added: 2.4.0
force_update: force_update:
description: description:
- Whether or not to replace (overwrite) the repo if it already exists. - Whether or not to replace (overwrite) the repo if it already exists.
type: bool type: bool
aliases: [ force ] aliases: [ force ]
default: False default: False
version_added: "2.4.0" version_added: 2.4.0
insecure_skip_tls_verify:
description:
- Skip tls certificate checks for the repository url.
type: bool
default: False
aliases: [ skip_tls_certs_check ]
version_added: "5.3.0"
""" """
EXAMPLES = r""" EXAMPLES = r"""
@@ -166,8 +173,8 @@ msg:
sample: 'Repository already have a repository named bitnami' sample: 'Repository already have a repository named bitnami'
""" """
import traceback
import copy import copy
import traceback
try: try:
import yaml import yaml
@@ -226,6 +233,7 @@ def install_repository(
repository_password, repository_password,
pass_credentials, pass_credentials,
force_update, force_update,
insecure_skip_tls_verify,
): ):
install_command = command + " repo add " + repository_name + " " + repository_url install_command = command + " repo add " + repository_name + " " + repository_url
@@ -239,6 +247,9 @@ def install_repository(
if force_update: if force_update:
install_command += " --force-update" install_command += " --force-update"
if insecure_skip_tls_verify:
install_command += " --insecure-skip-tls-verify"
return install_command return install_command
@@ -262,6 +273,9 @@ def argument_spec():
), ),
pass_credentials=dict(type="bool", default=False, no_log=True), pass_credentials=dict(type="bool", default=False, no_log=True),
force_update=dict(type="bool", default=False, aliases=["force"]), force_update=dict(type="bool", default=False, aliases=["force"]),
insecure_skip_tls_verify=dict(
type="bool", default=False, aliases=["skip_tls_certs_check"]
),
) )
) )
return arg_spec return arg_spec
@@ -290,6 +304,7 @@ def main():
repo_state = module.params.get("repo_state") repo_state = module.params.get("repo_state")
pass_credentials = module.params.get("pass_credentials") pass_credentials = module.params.get("pass_credentials")
force_update = module.params.get("force_update") force_update = module.params.get("force_update")
insecure_skip_tls_verify = module.params.get("insecure_skip_tls_verify")
helm_cmd = module.get_helm_binary() helm_cmd = module.get_helm_binary()
@@ -308,6 +323,7 @@ def main():
repo_password, repo_password,
pass_credentials, pass_credentials,
force_update, force_update,
insecure_skip_tls_verify,
) )
changed = True changed = True
elif repository_status["url"] != repo_url: elif repository_status["url"] != repo_url:

18
plugins/modules/helm_template.py
View File

@@ -53,7 +53,7 @@ options:
default: false default: false
type: bool type: bool
aliases: [ dep_up ] aliases: [ dep_up ]
version_added: "2.4.0" version_added: 2.4.0
disable_hook: disable_hook:
description: description:
- Prevent hooks from running during install. - Prevent hooks from running during install.
@@ -72,6 +72,13 @@ options:
- If the directory already exists, it will be overwritten. - If the directory already exists, it will be overwritten.
required: false required: false
type: path type: path
insecure_registry:
description:
- Skip TLS certificate checks for the chart download
required: false
type: bool
default: false
version_added: 5.1.0
release_name: release_name:
description: description:
- Release name to use in rendered templates. - Release name to use in rendered templates.
@@ -139,7 +146,7 @@ options:
- string - string
- json - json
- file - file
version_added: '2.4.0' version_added: 2.4.0
""" """
EXAMPLES = r""" EXAMPLES = r"""
@@ -221,6 +228,7 @@ def template(
dependency_update=None, dependency_update=None,
disable_hook=None, disable_hook=None,
output_dir=None, output_dir=None,
insecure_registry=None,
show_only=None, show_only=None,
release_name=None, release_name=None,
release_namespace=None, release_namespace=None,
@@ -251,6 +259,9 @@ def template(
if output_dir: if output_dir:
cmd += " --output-dir=" + output_dir cmd += " --output-dir=" + output_dir
if insecure_registry:
cmd += " --insecure-skip-tls-verify"
if show_only: if show_only:
for template in show_only: for template in show_only:
cmd += " -s " + template cmd += " -s " + template
@@ -289,6 +300,7 @@ def main():
include_crds=dict(type="bool", default=False), include_crds=dict(type="bool", default=False),
release_name=dict(type="str", aliases=["name"]), release_name=dict(type="str", aliases=["name"]),
output_dir=dict(type="path"), output_dir=dict(type="path"),
insecure_registry=dict(type="bool", default=False),
release_namespace=dict(type="str"), release_namespace=dict(type="str"),
release_values=dict(type="dict", default={}, aliases=["values"]), release_values=dict(type="dict", default={}, aliases=["values"]),
show_only=dict(type="list", default=[], elements="str"), show_only=dict(type="list", default=[], elements="str"),
@@ -308,6 +320,7 @@ def main():
include_crds = module.params.get("include_crds") include_crds = module.params.get("include_crds")
release_name = module.params.get("release_name") release_name = module.params.get("release_name")
output_dir = module.params.get("output_dir") output_dir = module.params.get("output_dir")
insecure_registry = module.params.get("insecure_registry")
show_only = module.params.get("show_only") show_only = module.params.get("show_only")
release_namespace = module.params.get("release_namespace") release_namespace = module.params.get("release_namespace")
release_values = module.params.get("release_values") release_values = module.params.get("release_values")
@@ -337,6 +350,7 @@ def main():
disable_hook=disable_hook, disable_hook=disable_hook,
release_name=release_name, release_name=release_name,
output_dir=output_dir, output_dir=output_dir,
insecure_registry=insecure_registry,
release_namespace=release_namespace, release_namespace=release_namespace,
release_values=release_values, release_values=release_values,
show_only=show_only, show_only=show_only,

51
plugins/modules/k8s.py
View File

@@ -57,15 +57,14 @@ options:
- Whether to override the default patch merge approach with a specific type. By default, the strategic - Whether to override the default patch merge approach with a specific type. By default, the strategic
merge will typically be used. merge will typically be used.
- For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may - For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may
want to use C(merge) if you see "strategic merge patch format is not supported" want to use C(merge) if you see "strategic merge patch format is not supported".
- See U(https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment) - See U(https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment)
- If more than one C(merge_type) is given, the merge_types will be tried in order. This defaults to - If more than one C(merge_type) is given, the merge_types will be tried in order. This defaults to
C(['strategic-merge', 'merge']), which is ideal for using the same parameters on resource kinds that C(['strategic-merge', 'merge']), which is ideal for using the same parameters on resource kinds that
combine Custom Resources and built-in resources. combine Custom Resources and built-in resources.
- mutually exclusive with C(apply) - Mutually exclusive with C(apply).
- I(merge_type=json) is deprecated and will be removed in version 3.0.0. Please use M(kubernetes.core.k8s_json_patch) instead. - I(merge_type=json) has been removed in version 4.0.0. Please use M(kubernetes.core.k8s_json_patch) instead.
choices: choices:
- json
- merge - merge
- strategic-merge - strategic-merge
type: list type: list
@@ -101,7 +100,7 @@ options:
- C(apply) compares the desired resource definition with the previously supplied resource definition, - C(apply) compares the desired resource definition with the previously supplied resource definition,
ignoring properties that are automatically generated ignoring properties that are automatically generated
- C(apply) works better with Services than 'force=yes' - C(apply) works better with Services than 'force=yes'
- mutually exclusive with C(merge_type) - Mutually exclusive with C(merge_type).
default: False default: False
type: bool type: bool
template: template:
@@ -172,10 +171,32 @@ options:
- When set to True, server-side apply will force the changes against conflicts. - When set to True, server-side apply will force the changes against conflicts.
type: bool type: bool
default: False default: False
delete_all:
description:
- When this option is set to I(true) and I(state=absent),
module will delete all resources of the specified resource type in the requested namespace.
- Ignored when C(state) is not set to I(absent) or when one of (src),
C(name) or C(resource_definition) is provided.
- Parameter C(kind) is required to use this option.
- This parameter can be used with C(label_selectors) to restrict the resources to be deleted.
type: bool
default: false
version_added: 3.0.0
aliases:
- all
hidden_fields:
description:
- Hide fields matching this option in the result
- An example might be C(hidden_fields=[metadata.managedFields])
or V(hidden_fields=[spec.containers[0].env[3].value])
or V(hidden_fields=[metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]])
type: list
elements: str
version_added: 3.0.0
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
- "jsonpatch" - "jsonpatch"
""" """
@@ -343,6 +364,14 @@ EXAMPLES = r"""
apply: yes apply: yes
server_side_apply: server_side_apply:
field_manager: ansible field_manager: ansible
# Delete all Deployment from specified namespace
- name: Delete all Deployment from specified namespace
kubernetes.core.k8s:
api_version: apps/v1
namespace: testing
kind: Deployment
delete_all: true
""" """
RETURN = r""" RETURN = r"""
@@ -394,10 +423,10 @@ from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule impo
) )
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import ( from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_SPEC, AUTH_ARG_SPEC,
WAIT_ARG_SPEC, DELETE_OPTS_ARG_SPEC,
NAME_ARG_SPEC, NAME_ARG_SPEC,
RESOURCE_ARG_SPEC, RESOURCE_ARG_SPEC,
DELETE_OPTS_ARG_SPEC, WAIT_ARG_SPEC,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule, AnsibleK8SModule,
@@ -431,7 +460,7 @@ def argspec():
argument_spec.update(copy.deepcopy(AUTH_ARG_SPEC)) argument_spec.update(copy.deepcopy(AUTH_ARG_SPEC))
argument_spec.update(copy.deepcopy(WAIT_ARG_SPEC)) argument_spec.update(copy.deepcopy(WAIT_ARG_SPEC))
argument_spec["merge_type"] = dict( argument_spec["merge_type"] = dict(
type="list", elements="str", choices=["json", "merge", "strategic-merge"] type="list", elements="str", choices=["merge", "strategic-merge"]
) )
argument_spec["validate"] = dict(type="dict", default=None, options=validate_spec()) argument_spec["validate"] = dict(type="dict", default=None, options=validate_spec())
argument_spec["append_hash"] = dict(type="bool", default=False) argument_spec["append_hash"] = dict(type="bool", default=False)
@@ -450,6 +479,8 @@ def argspec():
argument_spec["server_side_apply"] = dict( argument_spec["server_side_apply"] = dict(
type="dict", default=None, options=server_apply_spec() type="dict", default=None, options=server_apply_spec()
) )
argument_spec["delete_all"] = dict(type="bool", default=False, aliases=["all"])
argument_spec["hidden_fields"] = dict(type="list", elements="str")
return argument_spec return argument_spec

12
plugins/modules/k8s_cluster_info.py
View File

@@ -11,7 +11,7 @@ __metaclass__ = type
DOCUMENTATION = r""" DOCUMENTATION = r"""
module: k8s_cluster_info module: k8s_cluster_info
version_added: "0.11.1" version_added: 0.11.1
short_description: Describe Kubernetes (K8s) cluster, APIs available and their respective versions short_description: Describe Kubernetes (K8s) cluster, APIs available and their respective versions
@@ -34,8 +34,8 @@ extends_documentation_fragment:
- kubernetes.core.k8s_auth_options - kubernetes.core.k8s_auth_options
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """
@@ -154,15 +154,15 @@ except ImportError:
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_SPEC,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule, AnsibleK8SModule,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_SPEC,
)
def execute_module(module, client): def execute_module(module, client):

25
plugins/modules/k8s_cp.py
View File

@@ -14,7 +14,7 @@ module: k8s_cp
short_description: Copy files and directories to and from pod. short_description: Copy files and directories to and from pod.
version_added: "2.2.0" version_added: 2.2.0
author: author:
- Aubin Bikouo (@abikouo) - Aubin Bikouo (@abikouo)
@@ -26,8 +26,8 @@ extends_documentation_fragment:
- kubernetes.core.k8s_auth_options - kubernetes.core.k8s_auth_options
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
options: options:
namespace: namespace:
@@ -139,9 +139,18 @@ result:
import copy import copy
from ansible.module_utils._text import to_native
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_SPEC,
)
from ansible_collections.kubernetes.core.plugins.module_utils.copy import (
K8SCopyFromPod,
K8SCopyToPod,
check_pod,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
) )
@@ -155,16 +164,6 @@ from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import
K8sService, K8sService,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_SPEC,
)
from ansible_collections.kubernetes.core.plugins.module_utils.copy import (
K8SCopyFromPod,
K8SCopyToPod,
check_pod,
)
from ansible.module_utils._text import to_native
def argspec(): def argspec():
argument_spec = copy.deepcopy(AUTH_ARG_SPEC) argument_spec = copy.deepcopy(AUTH_ARG_SPEC)

84
plugins/modules/k8s_drain.py
View File

@@ -15,7 +15,7 @@ module: k8s_drain
short_description: Drain, Cordon, or Uncordon node in k8s cluster short_description: Drain, Cordon, or Uncordon node in k8s cluster
version_added: "2.2.0" version_added: 2.2.0
author: Aubin Bikouo (@abikouo) author: Aubin Bikouo (@abikouo)
@@ -41,12 +41,21 @@ options:
- The name of the node. - The name of the node.
required: true required: true
type: str type: str
pod_selectors:
description:
- Label selector to filter pods on the node.
- This option has effect only when C(state) is set to I(drain).
type: list
elements: str
version_added: 3.0.0
aliases:
- label_selectors
delete_options: delete_options:
type: dict type: dict
default: {}
description: description:
- Specify options to delete pods. - Specify options to delete pods.
- This option has effect only when C(state) is set to I(drain). - This option has effect only when C(state) is set to I(drain).
default: {}
suboptions: suboptions:
terminate_grace_period: terminate_grace_period:
description: description:
@@ -88,8 +97,8 @@ options:
type: int type: int
requirements: requirements:
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
""" """
EXAMPLES = r""" EXAMPLES = r"""
@@ -97,7 +106,8 @@ EXAMPLES = r"""
kubernetes.core.k8s_drain: kubernetes.core.k8s_drain:
state: drain state: drain
name: foo name: foo
force: yes delete_options:
force: yes
- name: Drain node "foo", but abort if there are pods not managed by a ReplicationController, Job, or DaemonSet, and use a grace period of 15 minutes. - name: Drain node "foo", but abort if there are pods not managed by a ReplicationController, Job, or DaemonSet, and use a grace period of 15 minutes.
kubernetes.core.k8s_drain: kubernetes.core.k8s_drain:
@@ -115,6 +125,14 @@ EXAMPLES = r"""
kubernetes.core.k8s_drain: kubernetes.core.k8s_drain:
state: cordon state: cordon
name: foo name: foo
- name: Drain node "foo" using label selector to filter the list of pods to be drained.
kubernetes.core.k8s_drain:
state: drain
name: foo
pod_selectors:
- 'app!=csi-attacher'
- 'app!=csi-provisioner'
""" """
RETURN = r""" RETURN = r"""
@@ -126,10 +144,12 @@ result:
""" """
import copy import copy
import json
import time import time
import traceback import traceback
from datetime import datetime from datetime import datetime
from ansible.module_utils._text import to_native
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )
@@ -146,12 +166,10 @@ from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions imp
CoreException, CoreException,
) )
from ansible.module_utils._text import to_native
try: try:
from kubernetes.client.api import core_v1_api from kubernetes.client.api import core_v1_api
from kubernetes.client.models import V1DeleteOptions, V1ObjectMeta
from kubernetes.client.exceptions import ApiException from kubernetes.client.exceptions import ApiException
from kubernetes.client.models import V1DeleteOptions, V1ObjectMeta
except ImportError: except ImportError:
# ImportError are managed by the common module already. # ImportError are managed by the common module already.
pass pass
@@ -171,6 +189,17 @@ except ImportError:
HAS_EVICTION_API = False HAS_EVICTION_API = False
def format_dynamic_api_exc(exc):
if exc.body:
if exc.headers and exc.headers.get("Content-Type") == "application/json":
message = json.loads(exc.body).get("message")
if message:
return message
return exc.body
else:
return "%s Reason: %s" % (exc.status, exc.reason)
def filter_pods(pods, force, ignore_daemonset, delete_emptydir_data): def filter_pods(pods, force, ignore_daemonset, delete_emptydir_data):
k8s_kind_mirror = "kubernetes.io/config.mirror" k8s_kind_mirror = "kubernetes.io/config.mirror"
daemonSet, unmanaged, mirror, localStorage, to_delete = [], [], [], [], [] daemonSet, unmanaged, mirror, localStorage, to_delete = [], [], [], [], []
@@ -275,16 +304,19 @@ class K8sDrainAnsible(object):
return (datetime.now() - start).seconds return (datetime.now() - start).seconds
response = None response = None
pod = pods.pop() pod = None
while (_elapsed_time() < wait_timeout or wait_timeout == 0) and pods: while (_elapsed_time() < wait_timeout or wait_timeout == 0) and pods:
if not pod: if not pod:
pod = pods.pop() pod = pods[-1]
try: try:
response = self._api_instance.read_namespaced_pod( response = self._api_instance.read_namespaced_pod(
namespace=pod[0], name=pod[1] namespace=pod[0], name=pod[1]
) )
if not response: if not response or response.spec.node_name != self._module.params.get(
"name"
):
pod = None pod = None
del pods[-1]
time.sleep(wait_sleep) time.sleep(wait_sleep)
except ApiException as exc: except ApiException as exc:
if exc.reason != "Not Found": if exc.reason != "Not Found":
@@ -292,6 +324,7 @@ class K8sDrainAnsible(object):
msg="Exception raised: {0}".format(exc.reason) msg="Exception raised: {0}".format(exc.reason)
) )
pod = None pod = None
del pods[-1]
except Exception as e: except Exception as e:
self._module.fail_json(msg="Exception raised: {0}".format(to_native(e))) self._module.fail_json(msg="Exception raised: {0}".format(to_native(e)))
if not pods: if not pods:
@@ -318,7 +351,7 @@ class K8sDrainAnsible(object):
if exc.reason != "Not Found": if exc.reason != "Not Found":
self._module.fail_json( self._module.fail_json(
msg="Failed to delete pod {0}/{1} due to: {2}".format( msg="Failed to delete pod {0}/{1} due to: {2}".format(
namespace, name, exc.reason namespace, name, to_native(format_dynamic_api_exc(exc))
) )
) )
except Exception as exc: except Exception as exc:
@@ -328,6 +361,17 @@ class K8sDrainAnsible(object):
) )
) )
def list_pods(self):
params = {
"field_selector": "spec.nodeName={name}".format(
name=self._module.params.get("name")
)
}
pod_selectors = self._module.params.get("pod_selectors")
if pod_selectors:
params["label_selector"] = ",".join(pod_selectors)
return self._api_instance.list_pod_for_all_namespaces(**params)
def delete_or_evict_pods(self, node_unschedulable): def delete_or_evict_pods(self, node_unschedulable):
# Mark node as unschedulable # Mark node as unschedulable
result = [] result = []
@@ -350,12 +394,7 @@ class K8sDrainAnsible(object):
self.patch_node(unschedulable=False) self.patch_node(unschedulable=False)
try: try:
field_selector = "spec.nodeName={name}".format( pod_list = self.list_pods()
name=self._module.params.get("name")
)
pod_list = self._api_instance.list_pod_for_all_namespaces(
field_selector=field_selector
)
# Filter pods # Filter pods
force = self._drain_options.get("force", False) force = self._drain_options.get("force", False)
ignore_daemonset = self._drain_options.get("ignore_daemonsets", False) ignore_daemonset = self._drain_options.get("ignore_daemonsets", False)
@@ -406,7 +445,6 @@ class K8sDrainAnsible(object):
return dict(result=" ".join(result)) return dict(result=" ".join(result))
def patch_node(self, unschedulable): def patch_node(self, unschedulable):
body = {"spec": {"unschedulable": unschedulable}} body = {"spec": {"unschedulable": unschedulable}}
try: try:
self._api_instance.patch_node( self._api_instance.patch_node(
@@ -418,7 +456,6 @@ class K8sDrainAnsible(object):
) )
def execute_module(self): def execute_module(self):
state = self._module.params.get("state") state = self._module.params.get("state")
name = self._module.params.get("name") name = self._module.params.get("name")
try: try:
@@ -486,6 +523,11 @@ def argspec():
wait_sleep=dict(type="int", default=5), wait_sleep=dict(type="int", default=5),
), ),
), ),
pod_selectors=dict(
type="list",
elements="str",
aliases=["label_selectors"],
),
) )
) )
return argument_spec return argument_spec

24
plugins/modules/k8s_exec.py
View File

@@ -15,7 +15,7 @@ module: k8s_exec
short_description: Execute command in Pod short_description: Execute command in Pod
version_added: "0.10.0" version_added: 0.10.0
author: "Tristan de Cacqueray (@tristanC)" author: "Tristan de Cacqueray (@tristanC)"
@@ -26,8 +26,8 @@ extends_documentation_fragment:
- kubernetes.core.k8s_auth_options - kubernetes.core.k8s_auth_options
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
notes: notes:
@@ -131,27 +131,27 @@ except ImportError:
# ImportError are managed by the common module already. # ImportError are managed by the common module already.
pass pass
from ansible.module_utils._text import to_native
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )
from ansible.module_utils._text import to_native from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
from ansible_collections.kubernetes.core.plugins.module_utils.common import (
AUTH_ARG_SPEC, AUTH_ARG_SPEC,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
try: try:
from kubernetes.client.apis import core_v1_api from kubernetes.client.apis import core_v1_api
from kubernetes.stream import stream
from kubernetes.client.exceptions import ApiException from kubernetes.client.exceptions import ApiException
from kubernetes.stream import stream
except ImportError: except ImportError:
# ImportError are managed by the common module already. # ImportError are managed by the common module already.
pass pass
@@ -219,12 +219,6 @@ def execute_module(module, client):
else: else:
rc = int(err["details"]["causes"][0]["message"]) rc = int(err["details"]["causes"][0]["message"])
module.deprecate(
"The 'return_code' return key is being renamed to 'rc'. "
"Both keys are being returned for now to allow users to migrate their automation.",
version="4.0.0",
collection_name="kubernetes.core",
)
module.exit_json( module.exit_json(
# Some command might change environment, but ultimately failing at end # Some command might change environment, but ultimately failing at end
changed=True, changed=True,

21
plugins/modules/k8s_info.py
View File

@@ -44,6 +44,15 @@ options:
type: list type: list
elements: str elements: str
default: [] default: []
hidden_fields:
description:
- Hide fields matching any of the field definitions in the result
- An example might be C(hidden_fields=[metadata.managedFields])
or V(hidden_fields=[spec.containers[0].env[3].value])
or V(hidden_fields=[metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]])
type: list
elements: str
version_added: 3.0.0
extends_documentation_fragment: extends_documentation_fragment:
- kubernetes.core.k8s_auth_options - kubernetes.core.k8s_auth_options
@@ -51,8 +60,8 @@ extends_documentation_fragment:
- kubernetes.core.k8s_wait_options - kubernetes.core.k8s_wait_options
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """
@@ -157,12 +166,12 @@ from ansible_collections.kubernetes.core.plugins.module_utils.args_common import
AUTH_ARG_SPEC, AUTH_ARG_SPEC,
WAIT_ARG_SPEC, WAIT_ARG_SPEC,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
@@ -183,6 +192,7 @@ def execute_module(module, svc):
wait_sleep=module.params["wait_sleep"], wait_sleep=module.params["wait_sleep"],
wait_timeout=module.params["wait_timeout"], wait_timeout=module.params["wait_timeout"],
condition=module.params["wait_condition"], condition=module.params["wait_condition"],
hidden_fields=module.params["hidden_fields"],
) )
module.exit_json(changed=False, **facts) module.exit_json(changed=False, **facts)
@@ -198,6 +208,7 @@ def argspec():
namespace=dict(), namespace=dict(),
label_selectors=dict(type="list", elements="str", default=[]), label_selectors=dict(type="list", elements="str", default=[]),
field_selectors=dict(type="list", elements="str", default=[]), field_selectors=dict(type="list", elements="str", default=[]),
hidden_fields=dict(type="list", elements="str"),
) )
) )
return args return args

7
plugins/modules/k8s_json_patch.py
View File

@@ -62,8 +62,8 @@ extends_documentation_fragment:
- kubernetes.core.k8s_wait_options - kubernetes.core.k8s_wait_options
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
- "jsonpatch" - "jsonpatch"
""" """
@@ -127,8 +127,8 @@ error:
import copy import copy
import traceback import traceback
from ansible.module_utils.basic import missing_required_lib
from ansible.module_utils._text import to_native from ansible.module_utils._text import to_native
from ansible.module_utils.basic import missing_required_lib
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )
@@ -152,7 +152,6 @@ from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import
get_waiter, get_waiter,
) )
try: try:
from kubernetes.dynamic.exceptions import DynamicApiError from kubernetes.dynamic.exceptions import DynamicApiError
except ImportError: except ImportError:

14
plugins/modules/k8s_log.py
View File

@@ -14,7 +14,7 @@ module: k8s_log
short_description: Fetch logs from Kubernetes resources short_description: Fetch logs from Kubernetes resources
version_added: "0.10.0" version_added: 0.10.0
author: author:
- "Fabian von Feilitzsch (@fabianvf)" - "Fabian von Feilitzsch (@fabianvf)"
@@ -61,30 +61,30 @@ options:
- A relative time in seconds before the current time from which to show logs. - A relative time in seconds before the current time from which to show logs.
required: no required: no
type: str type: str
version_added: '2.2.0' version_added: 2.2.0
previous: previous:
description: description:
- If C(true), print the logs for the previous instance of the container in a pod if it exists. - If C(true), print the logs for the previous instance of the container in a pod if it exists.
required: no required: no
type: bool type: bool
default: False default: False
version_added: '2.4.0' version_added: 2.4.0
tail_lines: tail_lines:
description: description:
- A number of lines from the end of the logs to retrieve. - A number of lines from the end of the logs to retrieve.
required: no required: no
type: int type: int
version_added: '2.4.0' version_added: 2.4.0
all_containers: all_containers:
description: description:
- If set to C(true), retrieve all containers' logs in the pod(s). - If set to C(true), retrieve all containers' logs in the pod(s).
- mutually exclusive with C(container). - mutually exclusive with C(container).
type: bool type: bool
version_added: '2.4.0' version_added: 2.4.0
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """

6
plugins/modules/k8s_rollback.py
View File

@@ -12,7 +12,7 @@ __metaclass__ = type
DOCUMENTATION = r""" DOCUMENTATION = r"""
module: k8s_rollback module: k8s_rollback
short_description: Rollback Kubernetes (K8S) Deployments and DaemonSets short_description: Rollback Kubernetes (K8S) Deployments and DaemonSets
version_added: "1.0.0" version_added: 1.0.0
author: author:
- "Julien Huon (@julienhuon)" - "Julien Huon (@julienhuon)"
description: description:
@@ -34,8 +34,8 @@ extends_documentation_fragment:
- kubernetes.core.k8s_auth_options - kubernetes.core.k8s_auth_options
- kubernetes.core.k8s_name_options - kubernetes.core.k8s_name_options
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """

16
plugins/modules/k8s_scale.py
View File

@@ -6,7 +6,6 @@
from __future__ import absolute_import, division, print_function from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
@@ -46,8 +45,8 @@ options:
version_added: 2.0.0 version_added: 2.0.0
requirements: requirements:
- "python >= 3.6" - "python >= 3.9"
- "kubernetes >= 12.0.0" - "kubernetes >= 24.2.0"
- "PyYAML >= 3.11" - "PyYAML >= 3.11"
""" """
@@ -151,14 +150,13 @@ except ImportError:
pass pass
from ansible.module_utils._text import to_native from ansible.module_utils._text import to_native
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import ( from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (
AUTH_ARG_SPEC, AUTH_ARG_SPEC,
RESOURCE_ARG_SPEC,
NAME_ARG_SPEC, NAME_ARG_SPEC,
RESOURCE_ARG_SPEC,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
@@ -170,15 +168,15 @@ from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions imp
CoreException, CoreException,
ResourceTimeout, ResourceTimeout,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource import (
create_definitions,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import (
diff_objects, diff_objects,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.waiter import (
get_waiter, get_waiter,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource import (
create_definitions,
)
SCALE_ARG_SPEC = { SCALE_ARG_SPEC = {
"replicas": {"type": "int", "required": True}, "replicas": {"type": "int", "required": True},
@@ -391,7 +389,7 @@ def scale(
namespace=namespace, namespace=namespace,
) )
if not success: if not success:
raise ResourceTimeout("Resource scaling timed out", **result) raise ResourceTimeout("Resource scaling timed out", result)
match, diffs = diff_objects(existing.to_dict(), result["result"]) match, diffs = diff_objects(existing.to_dict(), result["result"])
result["changed"] = not match result["changed"] = not match

18
plugins/modules/k8s_service.py
View File

@@ -83,8 +83,8 @@ options:
type: bool type: bool
requirements: requirements:
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
""" """
EXAMPLES = r""" EXAMPLES = r"""
@@ -143,7 +143,6 @@ result:
""" """
import copy import copy
from collections import defaultdict from collections import defaultdict
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
@@ -154,25 +153,24 @@ from ansible_collections.kubernetes.core.plugins.module_utils.args_common import
COMMON_ARG_SPEC, COMMON_ARG_SPEC,
RESOURCE_ARG_SPEC, RESOURCE_ARG_SPEC,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
get_api_client, get_api_client,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.core import (
AnsibleK8SModule,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions import (
CoreException, CoreException,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import (
K8sService,
)
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.resource import (
create_definitions, create_definitions,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.runner import ( from ansible_collections.kubernetes.core.plugins.module_utils.k8s.runner import (
perform_action, perform_action,
) )
from ansible_collections.kubernetes.core.plugins.module_utils.k8s.service import (
K8sService,
)
SERVICE_ARG_SPEC = { SERVICE_ARG_SPEC = {
"apply": {"type": "bool", "default": False}, "apply": {"type": "bool", "default": False},

7
plugins/modules/k8s_taint.py
View File

@@ -13,7 +13,7 @@ __metaclass__ = type
DOCUMENTATION = r""" DOCUMENTATION = r"""
module: k8s_taint module: k8s_taint
short_description: Taint a node in a Kubernetes/OpenShift cluster short_description: Taint a node in a Kubernetes/OpenShift cluster
version_added: "2.3.0" version_added: 2.3.0
author: Alina Buzachis (@alinabuzachis) author: Alina Buzachis (@alinabuzachis)
description: description:
- Taint allows a node to refuse Pod to be scheduled unless that Pod has a matching toleration. - Taint allows a node to refuse Pod to be scheduled unless that Pod has a matching toleration.
@@ -60,8 +60,8 @@ options:
default: false default: false
type: bool type: bool
requirements: requirements:
- python >= 3.6 - python >= 3.9
- kubernetes >= 12.0.0 - kubernetes >= 24.2.0
""" """
EXAMPLES = r""" EXAMPLES = r"""
@@ -127,7 +127,6 @@ result:
import copy import copy
from ansible.module_utils._text import to_native from ansible.module_utils._text import to_native
from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import ( from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule import (
AnsibleModule, AnsibleModule,
) )

2
requirements.txt
View File

@@ -1,3 +1,3 @@
kubernetes>=12.0.0 kubernetes>=24.2.0
requests-oauthlib requests-oauthlib
jsonpatch jsonpatch

5
tests/integration/targets/helm/defaults/main.yml
View File

@@ -3,6 +3,7 @@ helm_default_archive_name: "helm-{{ helm_version }}-{{ ansible_system | lower }}
helm_binary: "/tmp/helm/{{ ansible_system | lower }}-amd64/helm" helm_binary: "/tmp/helm/{{ ansible_system | lower }}-amd64/helm"
chart_test: "ingress-nginx" chart_test: "ingress-nginx"
chart_test_oci: "oci://registry-1.docker.io/bitnamicharts/redis"
chart_test_local_path: "nginx-ingress" chart_test_local_path: "nginx-ingress"
chart_test_version: 4.2.4 chart_test_version: 4.2.4
chart_test_version_local_path: 1.32.0 chart_test_version_local_path: 1.32.0
@@ -24,3 +25,7 @@ test_namespace:
- "helm-local-path-003" - "helm-local-path-003"
- "helm-from-repository" - "helm-from-repository"
- "helm-from-url" - "helm-from-url"
- "helm-reuse-values"
- "helm-chart-with-space-into-name"
- "helm-reset-then-reuse-values"
- "helm-insecure"

130
tests/integration/targets/helm/library/helm_test_pending.py Normal file
View File

@@ -0,0 +1,130 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright: (c) 2023, Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = r"""
---
module: helm_test_pending
short_description: created pending-install release
author:
- Aubin Bikouo (@abikouo)
requirements:
- "helm (https://github.com/helm/helm/releases)"
description:
- This module is used to create a pending install release for integration testing
- The scope of this module is the integration testing of the kubernetes.core collection only.
options:
binary_path:
description:
- The path of a helm binary to use.
required: true
type: path
chart_ref:
description:
- chart reference on chart repository (e.g. my-repo/my-chart-ref)
required: true
type: str
chart_release:
description:
- Release name to manage.
required: true
type: str
chart_release_namespace:
description:
- Kubernetes namespace where the chart should be installed.
required: true
type: str
"""
EXAMPLES = r"""
"""
RETURN = r"""
"""
import json
import subprocess
import time
from ansible.module_utils.basic import AnsibleModule
class HelmReleaseNotFoundError(Exception):
def __init__(self, message):
super().__init__(message)
def create_pending_install_release(helm_binary, chart_ref, chart_release, namespace):
# create pending-install release
command = [
helm_binary,
"install",
chart_release,
chart_ref,
"--namespace",
namespace,
"--wait",
]
proc = subprocess.Popen(command)
time.sleep(2)
proc.kill()
# ensure release status is pending-install
command = [
helm_binary,
"list",
"--all",
"--output=json",
"--namespace",
namespace,
"--filter",
chart_release,
]
cmd = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
out, err = cmd.communicate()
data = json.loads(out)
if not data:
error = "Release %s not found." % chart_release
raise HelmReleaseNotFoundError(message=error)
return data[0]["status"] == "pending-install", data[0]["status"]
def main():
module = AnsibleModule(
argument_spec=dict(
binary_path=dict(type="path", required=True),
chart_ref=dict(type="str", required=True),
chart_release=dict(type="str", required=True),
chart_release_namespace=dict(type="str", required=True),
),
)
params = dict(
helm_binary=module.params.get("binary_path"),
chart_release=module.params.get("chart_release"),
chart_ref=module.params.get("chart_ref"),
namespace=module.params.get("chart_release_namespace"),
)
try:
result, status = create_pending_install_release(**params)
if not result:
module.fail_json(
msg="unable to create pending-install release, current status is %s"
% status
)
module.exit_json(changed=True, msg="Release created with status '%s'" % status)
except HelmReleaseNotFoundError as err:
module.fail_json(
msg="Error while trying to create pending-install release due to '%s'" % err
)
if __name__ == "__main__":
main()

4
tests/integration/targets/helm/library/helm_test_version.py
View File

@@ -52,12 +52,12 @@ result:
""" """
import re import re
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.kubernetes.core.plugins.module_utils.version import ( from ansible_collections.kubernetes.core.plugins.module_utils.version import (
LooseVersion, LooseVersion,
) )
from ansible.module_utils.basic import AnsibleModule
def main(): def main():
module = AnsibleModule( module = AnsibleModule(

7
tests/integration/targets/helm/playbook.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
- connection: local
gather_facts: true
hosts: localhost
roles:
- helm

5
tests/integration/targets/helm/runme.sh Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
set -eux
export ANSIBLE_CALLBACKS_ENABLED=profile_tasks
export ANSIBLE_ROLES_PATH=../
ansible-playbook playbook.yaml "$@"

3
tests/integration/targets/helm/tasks/main.yml
View File

@@ -4,4 +4,5 @@
loop_control: loop_control:
loop_var: helm_version loop_var: helm_version
with_items: with_items:
- "v3.7.0" - "v3.15.4"
- "v3.16.0"

Some files were not shown because too many files have changed in this diff Show More