cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #2715 from viglesiasce/gce-json-credentials

Browse source 
Use JSON credentials for GCE modules
This commit is contained in:
Brian Coca 2016-01-11 18:36:21 -05:00
commit e5d0c015eb
4 changed files with 93 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
cloud/google/gce.py
View file

@ -72,8 +72,15 @@ options:
version_added: "1.5.1" version_added: "1.5.1"
description: description:
- path to the pem file associated with the service account email - path to the pem file associated with the service account email
This option is deprecated. Use 'credentials_file'.
required: false required: false
default: null default: null
credentials_file:
version_added: "2.1.0"
description:
- path to the JSON file associated with the service account email
default: null
required: false
project_id: project_id:
version_added: "1.5.1" version_added: "1.5.1"
description: description:
@ -141,7 +148,7 @@ options:
requirements: requirements:
- "python >= 2.6" - "python >= 2.6"
- "apache-libcloud >= 0.13.3" - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
notes: notes:
- Either I(name) or I(instance_names) is required. - Either I(name) or I(instance_names) is required.
author: "Eric Johnson (@erjohnso) <erjohnso@google.com>" author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
@ -166,6 +173,9 @@ EXAMPLES = '''
# Launch instances from a control node, runs some tasks on the new instances, # Launch instances from a control node, runs some tasks on the new instances,
# and then terminate them # and then terminate them
# This example uses JSON credentials with the credentials_file parameter
# rather than the deprecated pem_file option with PEM formatted credentials.
- name: Create a sandbox instance - name: Create a sandbox instance
hosts: localhost hosts: localhost
vars: vars:
@ -174,14 +184,15 @@ EXAMPLES = '''
image: debian-6 image: debian-6
zone: us-central1-a zone: us-central1-a
service_account_email: unique-email@developer.gserviceaccount.com service_account_email: unique-email@developer.gserviceaccount.com
pem_file: /path/to/pem_file credentials_file: /path/to/json_file
project_id: project-id project_id: project-id
tasks: tasks:
- name: Launch instances - name: Launch instances
local_action: gce instance_names={{names}} machine_type={{machine_type}} local_action: gce instance_names={{names}} machine_type={{machine_type}}
image={{image}} zone={{zone}} image={{image}} zone={{zone}}
service_account_email={{ service_account_email }} service_account_email={{ service_account_email }}
pem_file={{ pem_file }} project_id={{ project_id }} credentials_file={{ credentials_file }}
project_id={{ project_id }}
register: gce register: gce
- name: Wait for SSH to come up - name: Wait for SSH to come up
local_action: wait_for host={{item.public_ip}} port=22 delay=10 local_action: wait_for host={{item.public_ip}} port=22 delay=10
@ -205,6 +216,30 @@ EXAMPLES = '''
state: 'absent' state: 'absent'
instance_names: {{gce.instance_names}} instance_names: {{gce.instance_names}}
# The deprecated PEM file credentials can be used as follows
- name: Create a sandbox instance with PEM credentials
hosts: localhost
vars:
names: foo,bar
machine_type: n1-standard-1
image: debian-6
zone: us-central1-a
service_account_email: unique-email@developer.gserviceaccount.com
pem_file: /path/to/pem_file
project_id: project-id
tasks:
- name: Launch instances
local_action: gce instance_names={{names}} machine_type={{machine_type}}
image={{image}} zone={{zone}}
service_account_email={{ service_account_email }}
pem_file={{ pem_file }}
project_id={{ project_id }}
register: gce
- name: Wait for SSH to come up
local_action: wait_for host={{item.public_ip}} port=22 delay=10
timeout=60 state=started
with_items: {{gce.instance_data}}
''' '''
try: try:
@ -453,34 +488,35 @@ def terminate_instances(module, gce, instance_names, zone_name):
def main(): def main():
module = AnsibleModule( module = AnsibleModule(
argument_spec=dict( argument_spec = dict(
image=dict(default='debian-7'), image = dict(default='debian-7'),
instance_names=dict(), instance_names = dict(),
machine_type=dict(default='n1-standard-1'), machine_type = dict(default='n1-standard-1'),
metadata=dict(), metadata = dict(),
name=dict(), name = dict(),
network=dict(default='default'), network = dict(default='default'),
persistent_boot_disk=dict(type='bool', default=False), persistent_boot_disk = dict(type='bool', default=False),
disks=dict(type='list'), disks = dict(type='list'),
state=dict(choices=['active', 'present', 'absent', 'deleted'], state = dict(choices=['active', 'present', 'absent', 'deleted'],
default='present'), default='present'),
tags=dict(type='list'), tags = dict(type='list'),
zone=dict(default='us-central1-a'), zone = dict(default='us-central1-a'),
service_account_email=dict(), service_account_email = dict(),
service_account_permissions=dict(type='list'), service_account_permissions = dict(type='list'),
pem_file=dict(), pem_file = dict(),
project_id=dict(), credentials_file = dict(),
ip_forward=dict(type='bool', default=False), project_id = dict(),
external_ip=dict(choices=['ephemeral', 'none'], ip_forward = dict(type='bool', default=False),
default='ephemeral'), external_ip = dict(choices=['ephemeral', 'none'],
disk_auto_delete=dict(type='bool', default=True), default='ephemeral'),
disk_auto_delete = dict(type='bool', default=True),
) )
) )
if not HAS_PYTHON26: if not HAS_PYTHON26:
module.fail_json(msg="GCE module requires python's 'ast' module, python v2.6+") module.fail_json(msg="GCE module requires python's 'ast' module, python v2.6+")
if not HAS_LIBCLOUD: if not HAS_LIBCLOUD:
module.fail_json(msg='libcloud with GCE support (0.13.3+) required for this module') module.fail_json(msg='libcloud with GCE support (0.17.0+) required for this module')
gce = gce_connect(module) gce = gce_connect(module)

10
cloud/google/gce_lb.py
View file

@ -120,9 +120,16 @@ options:
version_added: "1.6" version_added: "1.6"
description: description:
- path to the pem file associated with the service account email - path to the pem file associated with the service account email
This option is deprecated. Use 'credentials_file'.
required: false required: false
default: null default: null
aliases: [] aliases: []
credentials_file:
version_added: "2.1.0"
description:
- path to the JSON file associated with the service account email
default: null
required: false
project_id: project_id:
version_added: "1.6" version_added: "1.6"
description: description:
@ -133,7 +140,7 @@ options:
requirements: requirements:
- "python >= 2.6" - "python >= 2.6"
- "apache-libcloud >= 0.13.3" - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
author: "Eric Johnson (@erjohnso) <erjohnso@google.com>" author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
''' '''
@ -182,6 +189,7 @@ def main():
state = dict(default='present'), state = dict(default='present'),
service_account_email = dict(), service_account_email = dict(),
pem_file = dict(), pem_file = dict(),
credentials_file = dict(),
project_id = dict(), project_id = dict(),
) )
) )

13
cloud/google/gce_net.py
View file

@ -92,6 +92,14 @@ options:
version_added: "1.6" version_added: "1.6"
description: description:
- path to the pem file associated with the service account email - path to the pem file associated with the service account email
This option is deprecated. Use 'credentials_file'.
required: false
default: null
aliases: []
credentials_file:
version_added: "2.1.0"
description:
- path to the JSON file associated with the service account email
required: false required: false
default: null default: null
aliases: [] aliases: []
@ -105,7 +113,7 @@ options:
requirements: requirements:
- "python >= 2.6" - "python >= 2.6"
- "apache-libcloud >= 0.13.3" - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
author: "Eric Johnson (@erjohnso) <erjohnso@google.com>" author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
''' '''
@ -178,12 +186,13 @@ def main():
state = dict(default='present'), state = dict(default='present'),
service_account_email = dict(), service_account_email = dict(),
pem_file = dict(), pem_file = dict(),
credentials_file = dict(),
project_id = dict(), project_id = dict(),
) )
) )
if not HAS_LIBCLOUD: if not HAS_LIBCLOUD:
module.exit_json(msg='libcloud with GCE support (0.13.3+) required for this module') module.exit_json(msg='libcloud with GCE support (0.17.0+) required for this module')
gce = gce_connect(module) gce = gce_connect(module)

13
cloud/google/gce_pd.py
View file

@ -98,6 +98,14 @@ options:
version_added: "1.6" version_added: "1.6"
description: description:
- path to the pem file associated with the service account email - path to the pem file associated with the service account email
This option is deprecated. Use 'credentials_file'.
required: false
default: null
aliases: []
credentials_file:
version_added: "2.1.0"
description:
- path to the JSON file associated with the service account email
required: false required: false
default: null default: null
aliases: [] aliases: []
@ -119,7 +127,7 @@ options:
requirements: requirements:
- "python >= 2.6" - "python >= 2.6"
- "apache-libcloud >= 0.13.3" - "apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials"
author: "Eric Johnson (@erjohnso) <erjohnso@google.com>" author: "Eric Johnson (@erjohnso) <erjohnso@google.com>"
''' '''
@ -158,11 +166,12 @@ def main():
zone = dict(default='us-central1-b'), zone = dict(default='us-central1-b'),
service_account_email = dict(), service_account_email = dict(),
pem_file = dict(), pem_file = dict(),
credentials_file = dict(),
project_id = dict(), project_id = dict(),
) )
) )
if not HAS_LIBCLOUD: if not HAS_LIBCLOUD:
module.fail_json(msg='libcloud with GCE support (0.13.3+) is required for this module') module.fail_json(msg='libcloud with GCE support (0.17.0+) is required for this module')
gce = gce_connect(module) gce = gce_connect(module)