Merge pull request #2715 from viglesiasce/gce-json-credentials

Use JSON credentials for GCE modules
2016-01-11 18:36:21 -05:00 · 2016-01-11 18:36:21 -05:00 · e5d0c015eb
commit e5d0c015eb
parent 4d19ee903c 5a0965cfcd
4 changed files with 93 additions and 31 deletions
--- a/cloud/google/gce.py
+++ b/cloud/google/gce.py
@ -72,8 +72,15 @@ options:
    version_added: "1.5.1"
    description:
      - path to the pem file associated with the service account email
+        This option is deprecated. Use 'credentials_file'.
    required: false
    default: null
+  credentials_file:
+    version_added: "2.1.0"
+    description:
+      - path to the JSON file associated with the service account email
+    default: null
+    required: false
  project_id:
    version_added: "1.5.1"
    description:
@ -141,7 +148,7 @@ options:

 requirements:
    - "python >= 2.6"
-    - "apache-libcloud >= 0.13.3"
+    - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
 notes:
  - Either I(name) or I(instance_names) is required.
 author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
@ -166,6 +173,9 @@ EXAMPLES = '''

 # Launch instances from a control node, runs some tasks on the new instances,
 # and then terminate them
+# This example uses JSON credentials with the credentials_file parameter
+# rather than the deprecated pem_file option with PEM formatted credentials.
+
 - name: Create a sandbox instance
  hosts: localhost
  vars:
@ -174,14 +184,15 @@ EXAMPLES = '''
    image: debian-6
    zone: us-central1-a
    service_account_email: unique-email@developer.gserviceaccount.com
-    pem_file: /path/to/pem_file
+    credentials_file: /path/to/json_file
    project_id: project-id
  tasks:
    - name: Launch instances
      local_action: gce instance_names={{names}} machine_type={{machine_type}}
-                    image={{image}} zone={{zone}}
+                    image={{image}} zone={{zone}} 
                    service_account_email={{ service_account_email }}
-                    pem_file={{ pem_file }} project_id={{ project_id }}
+                    credentials_file={{ credentials_file }}
+                    project_id={{ project_id }}
      register: gce
    - name: Wait for SSH to come up
      local_action: wait_for host={{item.public_ip}} port=22 delay=10
@ -205,6 +216,30 @@ EXAMPLES = '''
        state: 'absent'
        instance_names: {{gce.instance_names}}

+# The deprecated PEM file credentials can be used as follows
+- name: Create a sandbox instance with PEM credentials
+  hosts: localhost
+  vars:
+    names: foo,bar
+    machine_type: n1-standard-1
+    image: debian-6
+    zone: us-central1-a
+    service_account_email: unique-email@developer.gserviceaccount.com
+    pem_file: /path/to/pem_file
+    project_id: project-id
+  tasks:
+    - name: Launch instances
+      local_action: gce instance_names={{names}} machine_type={{machine_type}}
+                    image={{image}} zone={{zone}}
+                    service_account_email={{ service_account_email }}
+                    pem_file={{ pem_file }}
+                    project_id={{ project_id }}
+      register: gce
+    - name: Wait for SSH to come up
+      local_action: wait_for host={{item.public_ip}} port=22 delay=10
+                    timeout=60 state=started
+      with_items: {{gce.instance_data}}
+
 '''

 try:
@ -453,34 +488,35 @@ def terminate_instances(module, gce, instance_names, zone_name):

 def main():
    module = AnsibleModule(
-        argument_spec=dict(
-            image=dict(default='debian-7'),
-            instance_names=dict(),
-            machine_type=dict(default='n1-standard-1'),
-            metadata=dict(),
-            name=dict(),
-            network=dict(default='default'),
-            persistent_boot_disk=dict(type='bool', default=False),
-            disks=dict(type='list'),
-            state=dict(choices=['active', 'present', 'absent', 'deleted'],
-                       default='present'),
-            tags=dict(type='list'),
-            zone=dict(default='us-central1-a'),
-            service_account_email=dict(),
-            service_account_permissions=dict(type='list'),
-            pem_file=dict(),
-            project_id=dict(),
-            ip_forward=dict(type='bool', default=False),
-            external_ip=dict(choices=['ephemeral', 'none'],
-                             default='ephemeral'),
-            disk_auto_delete=dict(type='bool', default=True),
+        argument_spec = dict(
+            image = dict(default='debian-7'),
+            instance_names = dict(),
+            machine_type = dict(default='n1-standard-1'),
+            metadata = dict(),
+            name = dict(),
+            network = dict(default='default'),
+            persistent_boot_disk = dict(type='bool', default=False),
+            disks = dict(type='list'),
+            state = dict(choices=['active', 'present', 'absent', 'deleted'],
+                         default='present'),
+            tags = dict(type='list'),
+            zone = dict(default='us-central1-a'),
+            service_account_email = dict(),
+            service_account_permissions = dict(type='list'),
+            pem_file = dict(),
+            credentials_file = dict(),
+            project_id = dict(),
+            ip_forward = dict(type='bool', default=False),
+            external_ip = dict(choices=['ephemeral', 'none'],
+                               default='ephemeral'),
+            disk_auto_delete = dict(type='bool', default=True),
        )
    )

    if not HAS_PYTHON26:
        module.fail_json(msg="GCE module requires python's 'ast' module, python v2.6+")
    if not HAS_LIBCLOUD:
-        module.fail_json(msg='libcloud with GCE support (0.13.3+) required for this module')
+        module.fail_json(msg='libcloud with GCE support (0.17.0+) required for this module')

    gce = gce_connect(module)

--- a/cloud/google/gce_lb.py
+++ b/cloud/google/gce_lb.py
@ -120,9 +120,16 @@ options:
    version_added: "1.6"
    description:
      - path to the pem file associated with the service account email
+        This option is deprecated. Use 'credentials_file'.
    required: false
    default: null
    aliases: []
+  credentials_file:
+    version_added: "2.1.0"
+    description:
+      - path to the JSON file associated with the service account email
+    default: null
+    required: false
  project_id:
    version_added: "1.6"
    description:
@ -133,7 +140,7 @@ options:

 requirements:
    - "python >= 2.6"
-    - "apache-libcloud >= 0.13.3"
+    - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
 author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
 '''

@ -182,6 +189,7 @@ def main():
            state = dict(default='present'),
            service_account_email = dict(),
            pem_file = dict(),
+            credentials_file = dict(),
            project_id = dict(),
        )
    )
--- a/cloud/google/gce_net.py
+++ b/cloud/google/gce_net.py
@ -92,6 +92,14 @@ options:
    version_added: "1.6"
    description:
      - path to the pem file associated with the service account email
+        This option is deprecated. Use 'credentials_file'.
+    required: false
+    default: null
+    aliases: []
+  credentials_file:
+    version_added: "2.1.0"
+    description:
+      - path to the JSON file associated with the service account email
    required: false
    default: null
    aliases: []
@ -105,7 +113,7 @@ options:

 requirements:
    - "python >= 2.6"
-    - "apache-libcloud >= 0.13.3"
+    - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
 author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
 '''

@ -178,12 +186,13 @@ def main():
            state = dict(default='present'),
            service_account_email = dict(),
            pem_file = dict(),
+            credentials_file = dict(),
            project_id = dict(),
        )
    )

    if not HAS_LIBCLOUD:
-        module.exit_json(msg='libcloud with GCE support (0.13.3+) required for this module')
+        module.exit_json(msg='libcloud with GCE support (0.17.0+) required for this module')

    gce = gce_connect(module)

--- a/cloud/google/gce_pd.py
+++ b/cloud/google/gce_pd.py
@ -98,6 +98,14 @@ options:
    version_added: "1.6"
    description:
      - path to the pem file associated with the service account email
+        This option is deprecated. Use 'credentials_file'.
+    required: false
+    default: null
+    aliases: []
+  credentials_file:
+    version_added: "2.1.0"
+    description:
+      - path to the JSON file associated with the service account email
    required: false
    default: null
    aliases: []
@ -119,7 +127,7 @@ options:

 requirements:
    - "python >= 2.6"
-    - "apache-libcloud >= 0.13.3"
+    - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
 author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
 '''

@ -158,11 +166,12 @@ def main():
            zone = dict(default='us-central1-b'),
            service_account_email = dict(),
            pem_file = dict(),
+            credentials_file = dict(),
            project_id = dict(),
        )
    )
    if not HAS_LIBCLOUD:
-        module.fail_json(msg='libcloud with GCE support (0.13.3+) is required for this module')
+        module.fail_json(msg='libcloud with GCE support (0.17.0+) is required for this module')

    gce = gce_connect(module)