New Pure Storage FlashBlade module to create S3 users (#47452)

Simon Dodsley 2018-10-30 05:49:53 -04:00 committed by John R Barker
parent e09bb00e1d
commit 30e9a21472


@ -0,0 +1,197 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2018, Simon Dodsley (simon@purestorage.com)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = r'''
---
module: purefb_s3user
version_added: '2.8'
short_description: Create or delete FlashBlade Object Store account users
description:
- Create or delete object store account users on a Pure Stoage FlashBlade.
author:
- Simon Dodsley (@sdodsley)
options:
state:
description:
- Create or delete object store account user
default: present
choices: [ absent, present ]
name:
description:
- The name of object store user
account:
description:
- The name of object store account associated with user
access_key:
description:
- Create secret access key.
- Key can be exposed using the I(debug) module
type: bool
default: true
extends_documentation_fragment:
- purestorage.fb
'''
EXAMPLES = r'''
- name: Crrate object store user (with access ID and key) foo in account bar
purefb_s3user:
name: foo
account: bar
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
debug:
var: ansible_facts.fb_s3user
- name: Delete object store user foo in account bar
purefb_s3user:
name: foo
account: bar
state: absent
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
'''
RETURN = r'''
'''
HAS_PURITY_FB = True
try:
from purity_fb import ObjectStoreAccessKey
except ImportError:
HAS_PURITY_FB = False
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.pure import get_blade, purefb_argument_spec
MIN_REQUIRED_API_VERSION = '1.3'
def get_s3acc(module, blade):
"""Return Object Store Account or None"""
s3acc = None
accts = blade.object_store_accounts.list_object_store_accounts()
for acct in range(0, len(accts.items)):
if accts.items[acct].name == module.params['account']:
s3acc = accts.items[acct]
return s3acc
def get_s3user(module, blade):
"""Return Object Store Account or None"""
full_user = module.params['account'] + "/" + module.params['name']
s3user = None
s3users = blade.object_store_users.list_object_store_users()
for user in range(0, len(s3users.items)):
if s3users.items[user].name == full_user:
s3user = s3users.items[user]
return s3user
def update_s3user(module, blade):
"""Update Object Store User"""
changed = False
s3user_facts = {}
user = module.params['account'] + "/" + module.params['name']
if module.params['access_key']:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(user={'name': user}))
s3user_facts['fb_s3user'] = {'user': user,
'access_key': result.items[0].secret_access_key,
'access_id': result.items[0].name}
except:
delete_s3user(module, blade)
module.fail_json(msg='Object Store User {0}: Creation failed'.format(user))
changed = True
module.exit_json(changed=changed, ansible_facts=s3user_facts)
def create_s3user(module, blade):
"""Create Object Store Account"""
s3user_facts = {}
changed = False
user = module.params['account'] + "/" + module.params['name']
try:
blade.object_store_users.create_object_store_users(names=[user])
if module.params['access_key']:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(user={'name': user}))
s3user_facts['fb_s3user'] = {'user': user,
'access_key': result.items[0].secret_access_key,
'access_id': result.items[0].name}
except:
delete_s3user(module, blade)
module.fail_json(msg='Object Store User {0}: Creation failed'.format(user))
changed = True
except:
module.fail_json(msg='Object Store User {0}: Creation failed'.format(user))
module.exit_json(changed=changed, ansible_facts=s3user_facts)
def delete_s3user(module, blade):
"""Delete Object Store Account"""
changed = False
user = module.params['account'] + "/" + module.params['name']
try:
blade.object_store_users.delete_object_store_users(names=[user])
changed = True
except:
module.fail_json(msg='Object Store Account {0}: Deletion failed'.format(module.params['name']))
module.exit_json(changed=changed)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(dict(
name=dict(required=True, type='str'),
account=dict(required=True, type='str'),
access_key=dict(default='true', type='bool'),
state=dict(default='present', choices=['present', 'absent']),
))
module = AnsibleModule(argument_spec,
supports_check_mode=False)
if not HAS_PURITY_FB:
module.fail_json(msg='purity_fb sdk is required for this module')
state = module.params['state']
blade = get_blade(module)
versions = blade.api_version.list_versions().versions
if MIN_REQUIRED_API_VERSION not in versions:
module.fail_json(msg='FlashBlade REST version not supported. Minimum version required: {0}'.format(MIN_REQUIRED_API_VERSION))
s3acc = get_s3acc(module, blade)
if not s3acc:
module.fail_json(msg='Object Store Account {0} does not exist'.format(module.params['account']))
s3user = get_s3user(module, blade)
if state == 'absent' and s3user:
delete_s3user(module, blade)
elif state == 'present' and s3user:
update_s3user(module, blade)
elif not s3user and state == 'present':
create_s3user(module, blade)
else:
module.exit_json(changed=False)
if __name__ == '__main__':
main()
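Review bot: In update_s3user, the bare `except:` branch calls `delete_s3user(module, blade)` when creating an access key fails, so an API error on an already existing user deletes that user; and because delete_s3user ends in `module.exit_json(changed=changed)`, the `module.fail_json(...)` that follows is never reached and the run reports success. The inner handler in create_s3user has the same unreachable-failure path. I would drop the delete call from update_s3user and, in create_s3user, roll back with `blade.object_store_users.delete_object_store_users(names=[user])` directly before `module.fail_json(...)`, catching `Exception` rather than using a bare `except:`. Separately, `secret_access_key` is returned through `ansible_facts`, where it can end up in task output, logs and any configured fact cache; returning it as an ordinary result key and documenting that the task should run with `no_log: true` would limit that exposure.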