2013-10-02 12:39:45 +05:30
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
DOCUMENTATION = '''
- - -
2013-10-04 16:30:54 +05:30
module : gc_storage
2013-10-17 10:49:51 -04:00
version_added : " 1.4 "
2015-04-08 03:20:11 -04:00
short_description : This module manages objects / buckets in Google Cloud Storage .
2013-10-02 12:39:45 +05:30
description :
2013-10-17 10:49:51 -04:00
- This module allows users to manage their objects / buckets in Google Cloud Storage . It allows upload and download operations and can set some canned permissions . It also allows retrieval of URLs for objects for use in playbooks , and retrieval of string contents of objects . This module requires setting the default project in GCS prior to playbook usage . See U ( https : / / developers . google . com / storage / docs / reference / v1 / apiversion1 ) for information about setting the default project .
2013-10-02 12:39:45 +05:30
options :
bucket :
description :
2015-04-08 03:20:11 -04:00
- Bucket name .
2013-10-02 12:39:45 +05:30
required : true
object :
description :
2013-10-17 10:49:51 -04:00
- Keyname of the object inside the bucket . Can be also be used to create " virtual directories " ( see examples ) .
2013-10-02 12:39:45 +05:30
required : false
default : null
src :
description :
- The source file path when performing a PUT operation .
required : false
default : null
dest :
description :
- The destination file path when downloading an object / key with a GET operation .
required : false
2013-10-17 10:49:51 -04:00
force :
2013-10-02 12:39:45 +05:30
description :
2013-10-17 10:49:51 -04:00
- Forces an overwrite either locally on the filesystem or remotely with the object / key . Used with PUT and GET operations .
2013-10-02 12:39:45 +05:30
required : false
2013-10-17 10:49:51 -04:00
default : true
aliases : [ ' overwrite ' ]
2013-10-02 12:39:45 +05:30
permission :
description :
- This option let ' s the user set the canned permissions on the object/bucket that are created. The permissions that can be set are ' private ' , ' public - read ' , ' authenticated - read ' .
required : false
2015-04-08 03:20:11 -04:00
default : private
2015-03-26 23:02:35 +00:00
headers :
2015-07-28 14:00:37 -04:00
version_added : " 2.0 "
2015-03-26 23:02:35 +00:00
description :
- Headers to attach to object .
required : false
2015-04-08 03:20:11 -04:00
default : ' {} '
2013-10-17 10:49:51 -04:00
expiration :
2013-10-04 16:30:54 +05:30
description :
2015-05-04 12:54:03 +01:00
- Time limit ( in seconds ) for the URL generated and returned by GCA when performing a mode = put or mode = get_url operation . This url is only available when public - read is the acl for the object .
2013-10-04 16:30:54 +05:30
required : false
default : null
2013-10-02 12:39:45 +05:30
mode :
description :
2015-04-08 03:20:11 -04:00
- Switches the module behaviour between upload , download , get_url ( return download url ) , get_str ( download object as string ) , create ( bucket ) and delete ( bucket ) .
2013-10-02 12:39:45 +05:30
required : true
default : null
2013-10-21 09:46:21 +05:30
choices : [ ' get ' , ' put ' , ' get_url ' , ' get_str ' , ' delete ' , ' create ' ]
2013-10-02 12:39:45 +05:30
gcs_secret_key :
description :
2015-04-08 03:20:11 -04:00
- GCS secret key . If not set then the value of the GCS_SECRET_KEY environment variable is used .
2013-10-04 16:30:54 +05:30
required : true
2013-10-02 12:39:45 +05:30
default : null
gcs_access_key :
description :
- GCS access key . If not set then the value of the GCS_ACCESS_KEY environment variable is used .
2013-10-04 16:30:54 +05:30
required : true
2013-10-02 12:39:45 +05:30
default : null
2013-10-04 16:30:54 +05:30
2015-05-11 12:15:53 -07:00
requirements :
- " python >= 2.6 "
- " boto >= 2.9 "
2013-10-04 16:30:54 +05:30
2015-06-15 14:41:22 -04:00
author : " Benno Joy (@bennojoy) "
2013-10-02 12:39:45 +05:30
'''
EXAMPLES = '''
2013-10-17 10:49:51 -04:00
# upload some content
2013-10-21 09:46:21 +05:30
- gc_storage : bucket = mybucket object = key . txt src = / usr / local / myfile . txt mode = put permission = public - read
2013-10-17 10:49:51 -04:00
2015-03-26 23:02:35 +00:00
# upload some headers
- gc_storage : bucket = mybucket object = key . txt src = / usr / local / myfile . txt headers = ' { " Content-Encoding " : " gzip " } '
2013-10-17 10:49:51 -04:00
# download some content
2013-10-21 09:46:21 +05:30
- gc_storage : bucket = mybucket object = key . txt dest = / usr / local / myfile . txt mode = get
2013-10-17 10:49:51 -04:00
2013-10-02 12:39:45 +05:30
# Download an object as a string to use else where in your playbook
2013-10-17 10:49:51 -04:00
- gc_storage : bucket = mybucket object = key . txt mode = get_str
2013-10-02 12:39:45 +05:30
# Create an empty bucket
2013-10-17 10:49:51 -04:00
- gc_storage : bucket = mybucket mode = create
2013-10-02 12:39:45 +05:30
# Create a bucket with key as directory
2013-10-17 10:49:51 -04:00
- gc_storage : bucket = mybucket object = / my / directory / path mode = create
2013-10-02 12:39:45 +05:30
# Delete a bucket and all contents
2013-10-17 10:49:51 -04:00
- gc_storage : bucket = mybucket mode = delete
2013-10-02 12:39:45 +05:30
'''
import os
import urlparse
import hashlib
try :
import boto
2015-05-11 12:15:53 -07:00
HAS_BOTO = True
2013-10-02 12:39:45 +05:30
except ImportError :
2015-05-11 12:15:53 -07:00
HAS_BOTO = False
2013-10-02 12:39:45 +05:30
def grant_check ( module , gs , obj ) :
try :
acp = obj . get_acl ( )
if module . params . get ( ' permission ' ) == ' public-read ' :
grant = [ x for x in acp . entries . entry_list if x . scope . type == ' AllUsers ' ]
if not grant :
obj . set_acl ( ' public-read ' )
2013-10-04 16:47:09 +05:30
module . exit_json ( changed = True , result = " The objects permission as been set to public-read " )
2013-10-02 12:39:45 +05:30
if module . params . get ( ' permission ' ) == ' authenticated-read ' :
grant = [ x for x in acp . entries . entry_list if x . scope . type == ' AllAuthenticatedUsers ' ]
if not grant :
obj . set_acl ( ' authenticated-read ' )
2013-10-04 16:47:09 +05:30
module . exit_json ( changed = True , result = " The objects permission as been set to authenticated-read " )
2013-10-02 12:39:45 +05:30
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
return True
def key_check ( module , gs , bucket , obj ) :
try :
bucket = gs . lookup ( bucket )
key_check = bucket . get_key ( obj )
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
if key_check :
grant_check ( module , gs , key_check )
return True
else :
return False
def keysum ( module , gs , bucket , obj ) :
bucket = gs . lookup ( bucket )
key_check = bucket . get_key ( obj )
2014-03-28 22:47:46 +02:00
if not key_check :
return None
md5_remote = key_check . etag [ 1 : - 1 ]
etag_multipart = ' - ' in md5_remote # Check for multipart, etag is not md5
if etag_multipart is True :
module . fail_json ( msg = " Files uploaded with multipart of gs are not supported with checksum, unable to compute checksum. " )
2013-10-02 12:39:45 +05:30
return md5_remote
def bucket_check ( module , gs , bucket ) :
try :
result = gs . lookup ( bucket )
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
if result :
grant_check ( module , gs , result )
return True
else :
return False
def create_bucket ( module , gs , bucket ) :
try :
bucket = gs . create_bucket ( bucket )
bucket . set_acl ( module . params . get ( ' permission ' ) )
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
if bucket :
return True
def delete_bucket ( module , gs , bucket ) :
try :
bucket = gs . lookup ( bucket )
bucket_contents = bucket . list ( )
for key in bucket_contents :
bucket . delete_key ( key . name )
bucket . delete ( )
return True
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
def delete_key ( module , gs , bucket , obj ) :
try :
bucket = gs . lookup ( bucket )
bucket . delete_key ( obj )
module . exit_json ( msg = " Object deleted from bucket " , changed = True )
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
def create_dirkey ( module , gs , bucket , obj ) :
try :
bucket = gs . lookup ( bucket )
key = bucket . new_key ( obj )
key . set_contents_from_string ( ' ' )
module . exit_json ( msg = " Virtual directory %s created in bucket %s " % ( obj , bucket . name ) , changed = True )
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
def path_check ( path ) :
if os . path . exists ( path ) :
return True
else :
return False
2015-03-26 23:02:35 +00:00
def transform_headers ( headers ) :
"""
Boto url - encodes values unless we convert the value to ` str ` , so doing
this prevents ' max-age=100000 ' from being converted to " max-age % 3D100000 " .
: param headers : Headers to convert
: type headers : dict
: rtype : dict
"""
2015-04-03 16:35:16 -05:00
for key , value in headers . items ( ) :
headers [ key ] = str ( value )
return headers
2015-03-26 23:02:35 +00:00
2013-10-02 12:39:45 +05:30
def upload_gsfile ( module , gs , bucket , obj , src , expiry ) :
try :
bucket = gs . lookup ( bucket )
key = bucket . new_key ( obj )
2015-03-26 23:02:35 +00:00
key . set_contents_from_filename (
filename = src ,
headers = transform_headers ( module . params . get ( ' headers ' ) )
)
2013-10-02 12:39:45 +05:30
key . set_acl ( module . params . get ( ' permission ' ) )
url = key . generate_url ( expiry )
module . exit_json ( msg = " PUT operation complete " , url = url , changed = True )
except gs . provider . storage_copy_error , e :
module . fail_json ( msg = str ( e ) )
def download_gsfile ( module , gs , bucket , obj , dest ) :
try :
bucket = gs . lookup ( bucket )
key = bucket . lookup ( obj )
key . get_contents_to_filename ( dest )
module . exit_json ( msg = " GET operation complete " , changed = True )
except gs . provider . storage_copy_error , e :
module . fail_json ( msg = str ( e ) )
def download_gsstr ( module , gs , bucket , obj ) :
try :
bucket = gs . lookup ( bucket )
key = bucket . lookup ( obj )
contents = key . get_contents_as_string ( )
module . exit_json ( msg = " GET operation complete " , contents = contents , changed = True )
except gs . provider . storage_copy_error , e :
module . fail_json ( msg = str ( e ) )
def get_download_url ( module , gs , bucket , obj , expiry ) :
try :
bucket = gs . lookup ( bucket )
key = bucket . lookup ( obj )
url = key . generate_url ( expiry )
2013-10-17 10:49:51 -04:00
module . exit_json ( msg = " Download url: " , url = url , expiration = expiry , changed = True )
2013-10-02 12:39:45 +05:30
except gs . provider . storage_response_error , e :
module . fail_json ( msg = str ( e ) )
2013-10-04 16:30:54 +05:30
def handle_get ( module , gs , bucket , obj , overwrite , dest ) :
md5_remote = keysum ( module , gs , bucket , obj )
2014-11-13 20:58:00 -05:00
md5_local = module . md5 ( dest )
2013-10-22 09:03:52 +05:30
if md5_local == md5_remote :
2013-10-17 10:49:51 -04:00
module . exit_json ( changed = False )
2013-10-21 09:46:21 +05:30
if md5_local != md5_remote and not overwrite :
module . exit_json ( msg = " WARNING: Checksums do not match. Use overwrite parameter to force download. " , failed = True )
2013-10-04 16:30:54 +05:30
else :
2013-10-17 10:49:51 -04:00
download_gsfile ( module , gs , bucket , obj , dest )
2013-10-04 16:30:54 +05:30
2013-10-17 10:49:51 -04:00
def handle_put ( module , gs , bucket , obj , overwrite , src , expiration ) :
2013-10-04 16:30:54 +05:30
# Lets check to see if bucket exists to get ground truth.
bucket_rc = bucket_check ( module , gs , bucket )
key_rc = key_check ( module , gs , bucket , obj )
# Lets check key state. Does it exist and if it does, compute the etag md5sum.
if bucket_rc and key_rc :
md5_remote = keysum ( module , gs , bucket , obj )
2014-11-13 20:58:00 -05:00
md5_local = module . md5 ( src )
2013-10-22 09:03:52 +05:30
if md5_local == md5_remote :
module . exit_json ( msg = " Local and remote object are identical " , changed = False )
2013-10-21 09:46:21 +05:30
if md5_local != md5_remote and not overwrite :
module . exit_json ( msg = " WARNING: Checksums do not match. Use overwrite parameter to force upload. " , failed = True )
2013-10-04 16:30:54 +05:30
else :
2013-10-21 09:46:21 +05:30
upload_gsfile ( module , gs , bucket , obj , src , expiration )
2013-10-04 16:30:54 +05:30
if not bucket_rc :
create_bucket ( module , gs , bucket )
2013-10-17 10:49:51 -04:00
upload_gsfile ( module , gs , bucket , obj , src , expiration )
2013-10-04 16:30:54 +05:30
# If bucket exists but key doesn't, just upload.
if bucket_rc and not key_rc :
2013-10-17 10:49:51 -04:00
upload_gsfile ( module , gs , bucket , obj , src , expiration )
2013-10-04 16:30:54 +05:30
def handle_delete ( module , gs , bucket , obj ) :
if bucket and not obj :
if bucket_check ( module , gs , bucket ) :
module . exit_json ( msg = " Bucket %s and all keys have been deleted. " % bucket , changed = delete_bucket ( module , gs , bucket ) )
else :
module . exit_json ( msg = " Bucket does not exist. " , changed = False )
if bucket and obj :
if bucket_check ( module , gs , bucket ) :
if key_check ( module , gs , bucket , obj ) :
module . exit_json ( msg = " Object has been deleted. " , changed = delete_key ( module , gs , bucket , obj ) )
else :
module . exit_json ( msg = " Object does not exists. " , changed = False )
else :
module . exit_json ( msg = " Bucket does not exist. " , changed = False )
else :
module . fail_json ( msg = " Bucket or Bucket & object parameter is required. " , failed = True )
def handle_create ( module , gs , bucket , obj ) :
if bucket and not obj :
if bucket_check ( module , gs , bucket ) :
module . exit_json ( msg = " Bucket already exists. " , changed = False )
else :
2014-04-29 10:41:05 -04:00
module . exit_json ( msg = " Bucket created successfully " , changed = create_bucket ( module , gs , bucket ) )
2013-10-04 16:30:54 +05:30
if bucket and obj :
2014-12-12 11:22:20 -08:00
if obj . endswith ( ' / ' ) :
dirobj = obj
else :
dirobj = obj + " / "
2013-10-04 16:30:54 +05:30
if bucket_check ( module , gs , bucket ) :
if key_check ( module , gs , bucket , dirobj ) :
module . exit_json ( msg = " Bucket %s and key %s already exists. " % ( bucket , obj ) , changed = False )
else :
create_dirkey ( module , gs , bucket , dirobj )
else :
create_bucket ( module , gs , bucket )
create_dirkey ( module , gs , bucket , dirobj )
2013-10-02 12:39:45 +05:30
def main ( ) :
module = AnsibleModule (
argument_spec = dict (
bucket = dict ( required = True ) ,
object = dict ( default = None ) ,
src = dict ( default = None ) ,
dest = dict ( default = None ) ,
2013-10-17 10:49:51 -04:00
expiration = dict ( default = 600 , aliases = [ ' expiry ' ] ) ,
mode = dict ( choices = [ ' get ' , ' put ' , ' delete ' , ' create ' , ' get_url ' , ' get_str ' ] , required = True ) ,
2013-10-02 12:39:45 +05:30
permission = dict ( choices = [ ' private ' , ' public-read ' , ' authenticated-read ' ] , default = ' private ' ) ,
2015-03-26 23:02:35 +00:00
headers = dict ( type = ' dict ' , default = { } ) ,
2013-10-04 16:30:54 +05:30
gs_secret_key = dict ( no_log = True , required = True ) ,
gs_access_key = dict ( required = True ) ,
2013-10-17 10:49:51 -04:00
overwrite = dict ( default = True , type = ' bool ' , aliases = [ ' force ' ] ) ,
2013-10-02 12:39:45 +05:30
) ,
)
2015-05-11 12:15:53 -07:00
if not HAS_BOTO :
module . fail_json ( msg = ' boto 2.9+ required for this module ' )
2013-10-04 16:30:54 +05:30
bucket = module . params . get ( ' bucket ' )
obj = module . params . get ( ' object ' )
src = module . params . get ( ' src ' )
dest = module . params . get ( ' dest ' )
2013-10-02 12:39:45 +05:30
if dest :
2013-10-04 16:30:54 +05:30
dest = os . path . expanduser ( dest )
mode = module . params . get ( ' mode ' )
2013-10-21 09:46:21 +05:30
expiry = module . params . get ( ' expiration ' )
2013-10-02 12:39:45 +05:30
gs_secret_key = module . params . get ( ' gs_secret_key ' )
gs_access_key = module . params . get ( ' gs_access_key ' )
2013-10-04 16:30:54 +05:30
overwrite = module . params . get ( ' overwrite ' )
2013-10-02 12:39:45 +05:30
if mode == ' put ' :
2013-10-04 16:30:54 +05:30
if not src or not object :
2014-04-29 10:41:05 -04:00
module . fail_json ( msg = " When using PUT, src, bucket, object are mandatory parameters " )
2013-10-02 12:39:45 +05:30
if mode == ' get ' :
2013-10-04 16:30:54 +05:30
if not dest or not object :
2014-04-29 10:41:05 -04:00
module . fail_json ( msg = " When using GET, dest, bucket, object are mandatory parameters " )
2013-10-02 12:39:45 +05:30
if obj :
obj = os . path . expanduser ( module . params [ ' object ' ] )
try :
gs = boto . connect_gs ( gs_access_key , gs_secret_key )
except boto . exception . NoAuthHandlerFound , e :
module . fail_json ( msg = str ( e ) )
if mode == ' get ' :
2013-10-04 16:30:54 +05:30
if not bucket_check ( module , gs , bucket ) or not key_check ( module , gs , bucket , obj ) :
module . fail_json ( msg = " Target bucket/key cannot be found " , failed = True )
if not path_check ( dest ) :
2013-10-02 12:39:45 +05:30
download_gsfile ( module , gs , bucket , obj , dest )
2013-10-04 16:30:54 +05:30
else :
handle_get ( module , gs , bucket , obj , overwrite , dest )
2013-10-02 12:39:45 +05:30
if mode == ' put ' :
2013-10-04 16:30:54 +05:30
if not path_check ( src ) :
2013-10-02 12:39:45 +05:30
module . fail_json ( msg = " Local object for PUT does not exist " , failed = True )
2013-10-04 16:30:54 +05:30
handle_put ( module , gs , bucket , obj , overwrite , src , expiry )
2013-10-02 12:39:45 +05:30
# Support for deleting an object if we have both params.
if mode == ' delete ' :
2013-10-04 16:30:54 +05:30
handle_delete ( module , gs , bucket , obj )
2013-10-02 12:39:45 +05:30
if mode == ' create ' :
2013-10-04 16:30:54 +05:30
handle_create ( module , gs , bucket , obj )
2013-10-17 10:49:51 -04:00
if mode == ' get_url ' :
2013-10-02 12:39:45 +05:30
if bucket and obj :
2013-10-04 16:30:54 +05:30
if bucket_check ( module , gs , bucket ) and key_check ( module , gs , bucket , obj ) :
get_download_url ( module , gs , bucket , obj , expiry )
2013-10-02 12:39:45 +05:30
else :
2013-10-17 10:49:51 -04:00
module . fail_json ( msg = " Key/Bucket does not exist " , failed = True )
2013-10-02 12:39:45 +05:30
else :
module . fail_json ( msg = " Bucket and Object parameters must be set " , failed = True )
2013-10-04 16:30:54 +05:30
# --------------------------- Get the String contents of an Object -------------------------
2013-10-17 10:49:51 -04:00
if mode == ' get_str ' :
2013-10-02 12:39:45 +05:30
if bucket and obj :
2013-10-04 16:30:54 +05:30
if bucket_check ( module , gs , bucket ) and key_check ( module , gs , bucket , obj ) :
download_gsstr ( module , gs , bucket , obj )
2013-10-02 12:39:45 +05:30
else :
2013-10-17 10:49:51 -04:00
module . fail_json ( msg = " Key/Bucket does not exist " , failed = True )
2013-10-04 16:30:54 +05:30
else :
module . fail_json ( msg = " Bucket and Object parameters must be set " , failed = True )
2013-10-02 12:39:45 +05:30
2013-12-02 15:13:49 -05:00
# import module snippets
2013-12-02 15:11:23 -05:00
from ansible . module_utils . basic import *
2015-05-11 12:15:53 -07:00
if __name__ == ' __main__ ' :
main ( )