Grafana datasource module : tls_ca_cert or tls_skip_verify options (#36945)

* Allow to set tls_ca_cert or skip verify for grafana datasources

* version_added in documentation for new options tls_skip_verify

* Added default value for tls_skip_verify option in doc

* Fixed author git account

* Updated author

lib/ansible/modules/monitoring/grafana_datasource.py

@@ -1,7 +1,7 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 
-# Copyright: (c) 2017, Thierry Sallé (@tsalle)
+# Copyright: (c) 2017, Thierry Sallé (@seuf)
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
 from __future__ import absolute_import, division, print_function
@@ -16,7 +16,7 @@ DOCUMENTATION = '''
 ---
 module: grafana_datasource
 author:
-  - Thierry Sallé (@tsalle)
+  - Thierry Sallé (@seuf)
 version_added: "2.5"
 short_description: Manage Grafana datasources
 description:
@@ -92,6 +92,12 @@ options:
     description:
       - The TLS CA certificate for self signed certificates.
       - Only used when C(tls_client_cert) and C(tls_client_key) are set.
+  tls_skip_verify:
+    description:
+      - Skip the TLS datasource certificate verification.
+    type: bool
+    default: False
+    version_added: 2.6
   is_default:
     description:
       - Make this datasource the default one.
@@ -156,15 +162,35 @@ EXAMPLES = '''
 ---
 - name: Create elasticsearch datasource
   grafana_datasource:
-    name: my_elastic
+    name: "datasource-elastic"
-    grafana_url: http://grafana.company.com
+    grafana_url: "https://grafana.company.com"
-    ds_type: elasticsearch
+    grafana_user: "admin"
-    url: https://elasticsearch.company.com:9200
+    grafana_password: "xxxxxx"
-    database: my-index_*
+    org_id: "1"
-    basic_auth_user: grafana
+    ds_type: "elasticisearch"
-    basic_auth_password: xxxxxxxx
+    url: "https://elastic.company.com:9200"
-    json_data: '{"esVersion":5, "timeField": "@timestamp"}'
+    database: "[logstash_]YYYY.MM.DD"
-    state: present
+    basic_auth_user: "grafana"
+    basic_auth_password: "******"
+    time_field: "@timestamp"
+    time_interval: "1m"
+    interval: "Daily"
+    es_version: 56
+    max_concurrent_shard_requests: 42
+    tls_ca_cert: "/etc/ssl/certs/ca.pem"
+
+- name: Create influxdb datasource
+  grafana_datasource:
+    name: "datasource-influxdb"
+    grafana_url: "https://grafana.company.com"
+    grafana_user: "admin"
+    grafana_password: "xxxxxx"
+    org_id: "1"
+    ds_type: "influxdb"
+    url: "https://influx.company.com:8086"
+    database: "telegraf"
+    time_interval: ">10s"
+    tls_ca_cert: "/etc/ssl/certs/ca.pem"
 '''
 
 RETURN = '''
@@ -298,6 +324,13 @@ def grafana_create_datasource(module, data):
     else:
         json_data['tlsAuth'] = False
         json_data['tlsAuthWithCACert'] = False
+        if data.get('tls_ca_cert'):
+            payload['secureJsonData'] = {
+                'tlsCACert': data['tls_ca_cert']
+            }
+
+    if data.get('tls_skip_verify'):
+        json_data['tlsSkipVerify'] = True
 
     # datasource type related parameters
     if data['ds_type'] == 'elasticsearch':
@@ -446,6 +479,7 @@ def main():
             tls_client_cert=dict(type='str', no_log=True),
             tls_client_key=dict(type='str', no_log=True),
             tls_ca_cert=dict(type='str', no_log=True),
+            tls_skip_verify=dict(type='bool', default=False),
             is_default=dict(default=False, type='bool'),
             org_id=dict(default=1, type='int'),
             es_version=dict(type='int', default=5, choices=[2, 5, 56]),
@@ -460,7 +494,7 @@ def main():
         ),
         supports_check_mode=False,
         required_together=[['grafana_user', 'grafana_password', 'org_id'], ['tls_client_cert', 'tls_client_key']],
-        mutually_exclusive=[['grafana_user', 'grafana_api_key']],
+        mutually_exclusive=[['grafana_user', 'grafana_api_key'], ['tls_ca_cert', 'tls_skip_verify']],
         required_if=[
             ['ds_type', 'opentsdb', ['tsdb_version', 'tsdb_resolution']],
             ['ds_type', 'influxdb', ['database']],