diff --git a/plugins/doc_fragments/k8s_auth_options.py b/plugins/doc_fragments/k8s_auth_options.py deleted file mode 100644 index 518c303..0000000 --- a/plugins/doc_fragments/k8s_auth_options.py +++ /dev/null @@ -1,144 +0,0 @@ -# -*- coding: utf-8 -*- - -# Copyright: (c) 2018, Red Hat | Ansible -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -# Options for authenticating with the API. - -# DO NOT CHANGE THIS FILE -# Direct copy of: -# https://github.com/ansible-collections/kubernetes.core/blob/23e94b60c1202e67d35903d8f6d298fbb15f35cc/plugins/doc_fragments/k8s_auth_options.py -# Because it is not possible to refer to doc_fragments of dependency collections we need this copy. - -from __future__ import absolute_import, division, print_function - -__metaclass__ = type - - -class ModuleDocFragment(object): - DOCUMENTATION = r""" -options: - host: - description: - - Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable. - type: str - api_key: - description: - - Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable. - type: str - kubeconfig: - description: - - Path to an existing Kubernetes config file. If not provided, and no other connection - options are provided, the Kubernetes client will attempt to load the default - configuration file from I(~/.kube/config). Can also be specified via K8S_AUTH_KUBECONFIG environment - variable. - - Multiple Kubernetes config file can be provided using separator ';' for Windows platform or ':' for others platforms. - - The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version >= 17.17.0. Added in version 2.2.0. - type: raw - context: - description: - - The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable. - type: str - username: - description: - - Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment - variable. - - Please note that this only works with clusters configured to use HTTP Basic Auth. If your cluster has a - different form of authentication (e.g. OAuth2 in OpenShift), this option will not work as expected and you - should look into the M(community.okd.k8s_auth) module, as that might do what you need. - type: str - password: - description: - - Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment - variable. - - Please read the description of the C(username) option for a discussion of when this option is applicable. - type: str - client_cert: - description: - - Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment - variable. - type: path - aliases: [ cert_file ] - client_key: - description: - - Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE environment - variable. - type: path - aliases: [ key_file ] - ca_cert: - description: - - Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to - avoid certificate validation errors. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable. - type: path - aliases: [ ssl_ca_cert ] - validate_certs: - description: - - Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL - environment variable. - type: bool - aliases: [ verify_ssl ] - proxy: - description: - - The URL of an HTTP proxy to use for the connection. Can also be specified via K8S_AUTH_PROXY environment variable. - - Please note that this module does not pick up typical proxy settings from the environment (e.g. HTTP_PROXY). - type: str - no_proxy: - description: - - The comma separated list of hosts/domains/IP/CIDR that shouldn't go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable. - - Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY). - - This feature requires kubernetes>=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct. - - example value is "localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" - type: str - version_added: 2.3.0 - proxy_headers: - description: - - The Header used for the HTTP proxy. - - Documentation can be found here U(https://urllib3.readthedocs.io/en/latest/reference/urllib3.util.html?highlight=proxy_headers#urllib3.util.make_headers). - type: dict - version_added: 2.0.0 - suboptions: - proxy_basic_auth: - type: str - description: - - Colon-separated username:password for proxy basic authentication header. - - Can also be specified via K8S_AUTH_PROXY_HEADERS_PROXY_BASIC_AUTH environment. - basic_auth: - type: str - description: - - Colon-separated username:password for basic authentication header. - - Can also be specified via K8S_AUTH_PROXY_HEADERS_BASIC_AUTH environment. - user_agent: - type: str - description: - - String representing the user-agent you want, such as foo/1.0. - - Can also be specified via K8S_AUTH_PROXY_HEADERS_USER_AGENT environment. - persist_config: - description: - - Whether or not to save the kube config refresh tokens. - Can also be specified via K8S_AUTH_PERSIST_CONFIG environment variable. - - When the k8s context is using a user credentials with refresh tokens (like oidc or gke/gcloud auth), - the token is refreshed by the k8s python client library but not saved by default. So the old refresh token can - expire and the next auth might fail. Setting this flag to true will tell the k8s python client to save the - new refresh token to the kube config file. - - Default to false. - - Please note that the current version of the k8s python client library does not support setting this flag to True yet. - - "The fix for this k8s python library is here: https://github.com/kubernetes-client/python-base/pull/169" - type: bool - impersonate_user: - description: - - Username to impersonate for the operation. - - Can also be specified via K8S_AUTH_IMPERSONATE_USER environment. - type: str - version_added: 2.3.0 - impersonate_groups: - description: - - Group(s) to impersonate for the operation. - - "Can also be specified via K8S_AUTH_IMPERSONATE_GROUPS environment. Example: Group1,Group2" - type: list - elements: str - version_added: 2.3.0 -notes: - - "To avoid SSL certificate validation errors when C(validate_certs) is I(True), the full - certificate chain for the API server must be provided via C(ca_cert) or in the - kubeconfig file." -""" diff --git a/plugins/doc_fragments/k8s_delete_options.py b/plugins/doc_fragments/k8s_delete_options.py deleted file mode 100644 index 2f5447b..0000000 --- a/plugins/doc_fragments/k8s_delete_options.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- - -# Copyright: (c) 2020, Red Hat | Ansible -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -# Options for specifying object wait - -# DO NOT CHANGE THIS FILE -# Direct copy of: -# https://github.com/ansible-collections/kubernetes.core/blob/23e94b60c1202e67d35903d8f6d298fbb15f35cc/plugins/doc_fragments/k8s_delete_options.py -# Because it is not possible to refer to doc_fragments of dependency collections we need this copy. - -from __future__ import absolute_import, division, print_function - -__metaclass__ = type - - -class ModuleDocFragment(object): - DOCUMENTATION = r""" -options: - delete_options: - type: dict - version_added: '1.2.0' - description: - - Configure behavior when deleting an object. - - Only used when I(state=absent). - suboptions: - propagationPolicy: - type: str - description: - - Use to control how dependent objects are deleted. - - If not specified, the default policy for the object type will be used. This may vary across object types. - choices: - - "Foreground" - - "Background" - - "Orphan" - gracePeriodSeconds: - type: int - description: - - Specify how many seconds to wait before forcefully terminating. - - Only implemented for Pod resources. - - If not specified, the default grace period for the object type will be used. - preconditions: - type: dict - description: - - Specify condition that must be met for delete to proceed. - suboptions: - resourceVersion: - type: str - description: - - Specify the resource version of the target object. - uid: - type: str - description: - - Specify the UID of the target object. -""" diff --git a/plugins/doc_fragments/k8s_state_options.py b/plugins/doc_fragments/k8s_state_options.py deleted file mode 100644 index 90cbf3a..0000000 --- a/plugins/doc_fragments/k8s_state_options.py +++ /dev/null @@ -1,35 +0,0 @@ -# -*- coding: utf-8 -*- - -# Copyright: (c) 2018, Red Hat | Ansible -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -# Options for specifying object state - -# DO NOT CHANGE THIS FILE -# Direct copy of: -# https://github.com/ansible-collections/kubernetes.core/blob/23e94b60c1202e67d35903d8f6d298fbb15f35cc/plugins/doc_fragments/k8s_state_options.py -# Because it is not possible to refer to doc_fragments of dependency collections we need this copy. - -from __future__ import absolute_import, division, print_function - -__metaclass__ = type - - -class ModuleDocFragment(object): - DOCUMENTATION = r""" -options: - state: - description: - - Determines if an object should be created, patched, or deleted. When set to C(present), an object will be - created, if it does not already exist. If set to C(absent), an existing object will be deleted. If set to - C(present), an existing object will be patched, if its attributes differ from those specified using - I(resource_definition) or I(src). - type: str - default: present - choices: [ absent, present ] - force: - description: - - If set to C(yes), and I(state) is C(present), an existing object will be replaced. - type: bool - default: no -""" diff --git a/plugins/doc_fragments/kubevirt_auth_options.py b/plugins/doc_fragments/kubevirt_auth_options.py new file mode 100644 index 0000000..712abee --- /dev/null +++ b/plugins/doc_fragments/kubevirt_auth_options.py @@ -0,0 +1,134 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Red Hat, Inc. +# Based on the kubernetes.core.k8s_auth_options doc fragment +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +class ModuleDocFragment(object): + DOCUMENTATION = """ +options: + host: + description: + - Provide a URL for accessing the API. + - Can also be specified via E(K8S_AUTH_HOST) environment variable. + type: str + api_key: + description: + - Token used to authenticate with the API. + - Can also be specified via E(K8S_AUTH_API_KEY) environment variable. + type: str + kubeconfig: + description: + - Path to an existing Kubernetes config file. If not provided, and no other connection + options are provided, the Kubernetes client will attempt to load the default + configuration file from I(~/.kube/config). + - Can also be specified via E(K8S_AUTH_KUBECONFIG) environment variable. + - Multiple Kubernetes config file can be provided using separator C(;) for Windows platform or C(:) for others platforms. + - The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version >= 17.17.0. Added in version 2.2.0. + type: raw + context: + description: + - The name of a context found in the config file. + - Can also be specified via E(K8S_AUTH_CONTEXT) environment variable. + type: str + username: + description: + - Provide a username for authenticating with the API. + - Can also be specified via E(K8S_AUTH_USERNAME) environment variable. + type: str + password: + description: + - Provide a password for authenticating with the API. + - Can also be specified via E(K8S_AUTH_PASSWORD) environment variable. + - Please read the description of the O(username) option for a discussion of when this option is applicable. + type: str + client_cert: + description: + - Path to a certificate used to authenticate with the API. + - Can also be specified via E(K8S_AUTH_CERT_FILE) environment variable. + type: path + aliases: [ cert_file ] + client_key: + description: + - Path to a key file used to authenticate with the API. + - Can also be specified via E(K8S_AUTH_KEY_FILE) environment variable. + type: path + aliases: [ key_file ] + ca_cert: + description: + - Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to + avoid certificate validation errors. + - Can also be specified via E(K8S_AUTH_SSL_CA_CERT) environment variable. + type: path + aliases: [ ssl_ca_cert ] + validate_certs: + description: + - Whether or not to verify the API server's SSL certificates. + - Can also be specified via E(K8S_AUTH_VERIFY_SSL) environment variable. + type: bool + aliases: [ verify_ssl ] + proxy: + description: + - The URL of an HTTP proxy to use for the connection. + - Can also be specified via E(K8S_AUTH_PROXY) environment variable. + - Please note that this module does not pick up typical proxy settings from the environment (e.g. E(HTTP_PROXY)). + type: str + no_proxy: + description: + - The comma separated list of hosts/domains/IP/CIDR that shouldn't go through proxy. + - Can also be specified via E(K8S_AUTH_NO_PROXY) environment variable. + - Please note that this module does not pick up typical proxy settings from the environment (e.g. E(NO_PROXY)). + - This feature requires C(kubernetes>=19.15.0). When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct. + - Example value is C(localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16). + type: str + proxy_headers: + description: + - The Header used for the HTTP proxy. + - Documentation can be found here U(https://urllib3.readthedocs.io/en/latest/reference/urllib3.util.html?highlight=proxy_headers#urllib3.util.make_headers). + type: dict + suboptions: + proxy_basic_auth: + description: + - Colon-separated username:password for proxy basic authentication header. + - Can also be specified via E(K8S_AUTH_PROXY_HEADERS_PROXY_BASIC_AUTH) environment variable. + type: str + basic_auth: + description: + - Colon-separated username:password for basic authentication header. + - Can also be specified via E(K8S_AUTH_PROXY_HEADERS_BASIC_AUTH) environment variable. + type: str + user_agent: + description: + - String representing the user-agent you want, such as foo/1.0. + - Can also be specified via E(K8S_AUTH_PROXY_HEADERS_USER_AGENT) environment variable. + type: str + persist_config: + description: + - Whether or not to save the kube config refresh tokens. + - Can also be specified via E(K8S_AUTH_PERSIST_CONFIG) environment variable. + - When the k8s context is using a user credentials with refresh tokens (like oidc or gke/gcloud auth), + the token is refreshed by the k8s python client library but not saved by default. So the old refresh token can + expire and the next auth might fail. Setting this flag to true will tell the k8s python client to save the + new refresh token to the kube config file. + - Disabled by default. + type: bool + impersonate_user: + description: + - Username to impersonate for the operation. + - Can also be specified via E(K8S_AUTH_IMPERSONATE_USER) environment variable. + type: str + impersonate_groups: + description: + - Group(s) to impersonate for the operation. + - Can also be specified via E(K8S_AUTH_IMPERSONATE_GROUPS) environment variable, e.g. C(Group1,Group2). + type: list + elements: str +notes: + - "To avoid SSL certificate validation errors when O(validate_certs=yes), the full + certificate chain for the API server must be provided via O(ca_cert) or in the + O(kubeconfig) file." +""" diff --git a/plugins/modules/kubevirt_vm.py b/plugins/modules/kubevirt_vm.py index 7f742ef..07f07b9 100644 --- a/plugins/modules/kubevirt_vm.py +++ b/plugins/modules/kubevirt_vm.py @@ -23,9 +23,7 @@ description: - Supports check mode. extends_documentation_fragment: -- kubevirt.core.k8s_auth_options -- kubevirt.core.k8s_state_options -- kubevirt.core.k8s_delete_options +- kubevirt.core.kubevirt_auth_options options: api_version: @@ -103,6 +101,50 @@ options: - Ignored if O(wait) is not set. default: 120 type: int + delete_options: + description: + - Configure behavior when deleting an object. + - Only used when O(state=absent). + type: dict + suboptions: + propagationPolicy: + description: + - Use to control how dependent objects are deleted. + - If not specified, the default policy for the object type will be used. This may vary across object types. + type: str + choices: + - Foreground + - Background + - Orphan + preconditions: + description: + - Specify condition that must be met for delete to proceed. + type: dict + suboptions: + resourceVersion: + description: + - Specify the resource version of the target object. + type: str + uid: + description: + - Specify the C(UID) of the target object. + type: str + state: + description: + - Determines if an object should be created, patched, or deleted. + - When set to O(state=present), an object will be created, if it does not already exist. + - If set to O(state=absent), an existing object will be deleted. + - If set to O(state=present), an existing object will be patched, if its attributes differ from those specified. + type: str + default: present + choices: + - absent + - present + force: + description: + - If set to O(force=yes), and O(state=present) is set, an existing object will be replaced. + type: bool + default: no requirements: - "python >= 3.9" @@ -229,7 +271,6 @@ from ansible_collections.kubernetes.core.plugins.module_utils.ansiblemodule impo from ansible_collections.kubernetes.core.plugins.module_utils.args_common import ( AUTH_ARG_SPEC, COMMON_ARG_SPEC, - DELETE_OPTS_ARG_SPEC, ) from ansible_collections.kubernetes.core.plugins.module_utils.k8s import ( runner, @@ -347,14 +388,25 @@ def arg_spec() -> Dict: "wait": {"type": "bool", "default": False}, "wait_sleep": {"type": "int", "default": 5}, "wait_timeout": {"type": "int", "default": 120}, + "delete_options": { + "type": "dict", + "default": None, + "options": { + "propagationPolicy": { + "choices": ["Foreground", "Background", "Orphan"] + }, + "preconditions": { + "type": "dict", + "options": { + "resourceVersion": {"type": "str"}, + "uid": {"type": "str"}, + }, + }, + }, + }, } spec.update(deepcopy(AUTH_ARG_SPEC)) spec.update(deepcopy(COMMON_ARG_SPEC)) - spec["delete_options"] = { - "type": "dict", - "default": None, - "options": deepcopy(DELETE_OPTS_ARG_SPEC), - } return spec diff --git a/plugins/modules/kubevirt_vm_info.py b/plugins/modules/kubevirt_vm_info.py index 422849b..97f12d3 100644 --- a/plugins/modules/kubevirt_vm_info.py +++ b/plugins/modules/kubevirt_vm_info.py @@ -22,6 +22,9 @@ description: - Authenticate using either a config file, certificates, password or token. - Supports check mode. +extends_documentation_fragment: + - kubevirt.core.kubevirt_auth_options + options: api_version: description: @@ -72,9 +75,6 @@ options: default: 120 type: int -extends_documentation_fragment: - - kubevirt.core.k8s_auth_options - requirements: - "python >= 3.9" - "kubernetes >= 28.1.0"