Add auth key for OpenStack Volume Provider (#40294)
* Add auth key for OpenStack Volume Provider For adding OpenStack Volume Provider we need to also add auth key, value, for Ceph. This patch allows to add/update/remove auth keys. Also fixing the issue for attach cinder SD to the datacenter. * Fixing documentation * Small fixes in ovirt_external_provider module. Fixed doc for param and small changes. * Fix comments from review. Adds conditions for check mode. * Move update auth key method in the module * Remove empty line which pep8 complains about
This commit is contained in:
parent
143bcee962
commit
f224afde49
1 changed files with 136 additions and 10 deletions
|
@ -39,6 +39,8 @@ options:
|
|||
state:
|
||||
description:
|
||||
- "Should the external be present or absent"
|
||||
- "When you are using absent for I(os_volume), you need to make
|
||||
sure that SD is not attached to the data center!"
|
||||
choices: ['present', 'absent']
|
||||
default: present
|
||||
description:
|
||||
|
@ -84,6 +86,15 @@ options:
|
|||
- "Applicable if C(type) is I(network)."
|
||||
choices: ['external', 'neutron']
|
||||
default: ['external']
|
||||
authentication_keys:
|
||||
description:
|
||||
- "List of authentication keys. Each key is represented by dict
|
||||
like {'uuid': 'our-uuid', 'value': 'YourSecretValue=='}"
|
||||
- "When you will not pass these keys and there are already some
|
||||
of them defined in the system they will be removed."
|
||||
- "Applicable for I(os_volume)."
|
||||
default: []
|
||||
version_added: "2.6"
|
||||
extends_documentation_fragment: ovirt
|
||||
'''
|
||||
|
||||
|
@ -95,11 +106,25 @@ EXAMPLES = '''
|
|||
- ovirt_external_provider:
|
||||
name: image_provider
|
||||
type: os_image
|
||||
url: http://10.34.63.71:9292
|
||||
url: http://1.2.3.4:9292
|
||||
username: admin
|
||||
password: 123456
|
||||
tenant: admin
|
||||
auth_url: http://10.34.63.71:35357/v2.0/
|
||||
auth_url: http://1.2.3.4:35357/v2.0
|
||||
|
||||
# Add volume external provider:
|
||||
- ovirt_external_provider:
|
||||
name: image_provider
|
||||
type: os_volume
|
||||
url: http://1.2.3.4:9292
|
||||
username: admin
|
||||
password: 123456
|
||||
tenant: admin
|
||||
auth_url: http://1.2.3.4:5000/v2.0
|
||||
authentication_keys:
|
||||
-
|
||||
uuid: "1234567-a1234-12a3-a234-123abc45678"
|
||||
value: "ABCD00000000111111222333445w=="
|
||||
|
||||
# Add foreman provider:
|
||||
- ovirt_external_provider:
|
||||
|
@ -169,23 +194,49 @@ from ansible.module_utils.ovirt import (
|
|||
)
|
||||
|
||||
|
||||
OS_VOLUME = 'os_volume'
|
||||
OS_IMAGE = 'os_image'
|
||||
NETWORK = 'network'
|
||||
FOREMAN = 'foreman'
|
||||
|
||||
|
||||
class ExternalProviderModule(BaseModule):
|
||||
|
||||
non_provider_params = ['type', 'authentication_keys', 'data_center']
|
||||
|
||||
def provider_type(self, provider_type):
|
||||
self._provider_type = provider_type
|
||||
|
||||
def provider_module_params(self):
|
||||
provider_params = [
|
||||
(key, value) for key, value in self._module.params.items() if key
|
||||
not in self.non_provider_params
|
||||
]
|
||||
provider_params.append(('data_center', self.get_data_center()))
|
||||
return provider_params
|
||||
|
||||
def get_data_center(self):
|
||||
dc_name = self._module.params.get("data_center", None)
|
||||
if dc_name:
|
||||
system_service = self._connection.system_service()
|
||||
data_centers_service = system_service.data_centers_service()
|
||||
return data_centers_service.list(
|
||||
search='name=%s' % dc_name,
|
||||
)[0]
|
||||
return dc_name
|
||||
|
||||
def build_entity(self):
|
||||
provider_type = self._provider_type(
|
||||
requires_authentication=self._module.params.get('username') is not None,
|
||||
)
|
||||
if self._module.params.pop('type') == 'network':
|
||||
if self._module.params.pop('type') == NETWORK:
|
||||
setattr(
|
||||
provider_type,
|
||||
'type',
|
||||
otypes.OpenStackNetworkProviderType(self._module.params.pop('network_type'))
|
||||
)
|
||||
|
||||
for key, value in self._module.params.items():
|
||||
for key, value in self.provider_module_params():
|
||||
if hasattr(provider_type, key):
|
||||
setattr(provider_type, key, value)
|
||||
|
||||
|
@ -200,15 +251,76 @@ class ExternalProviderModule(BaseModule):
|
|||
equal(self._module.params.get('username'), entity.username)
|
||||
)
|
||||
|
||||
def update_volume_provider_auth_keys(
|
||||
self, provider, providers_service, keys
|
||||
):
|
||||
"""
|
||||
Update auth keys for volume provider, if not exist add them or remove
|
||||
if they are not specified and there are already defined in the external
|
||||
volume provider.
|
||||
|
||||
Args:
|
||||
provider (dict): Volume provider details.
|
||||
providers_service (openstack_volume_providers_service): Provider
|
||||
service.
|
||||
keys (list): Keys to be updated/added to volume provider, each key
|
||||
is represented as dict with keys: uuid, value.
|
||||
"""
|
||||
|
||||
provider_service = providers_service.provider_service(provider['id'])
|
||||
auth_keys_service = provider_service.authentication_keys_service()
|
||||
provider_keys = auth_keys_service.list()
|
||||
# removing keys which are not defined
|
||||
for key in [
|
||||
k.id for k in provider_keys if k.uuid not in [
|
||||
defined_key['uuid'] for defined_key in keys
|
||||
]
|
||||
]:
|
||||
self.changed = True
|
||||
if not self._module.check_mode:
|
||||
auth_keys_service.key_service(key).remove()
|
||||
if not (provider_keys or keys):
|
||||
# Nothing need to do when both are empty.
|
||||
return
|
||||
for key in keys:
|
||||
key_id_for_update = None
|
||||
for existing_key in provider_keys:
|
||||
if key['uuid'] == existing_key.uuid:
|
||||
key_id_for_update = existing_key.id
|
||||
|
||||
auth_key_usage_type = (
|
||||
otypes.OpenstackVolumeAuthenticationKeyUsageType("ceph")
|
||||
)
|
||||
auth_key = otypes.OpenstackVolumeAuthenticationKey(
|
||||
usage_type=auth_key_usage_type,
|
||||
uuid=key['uuid'],
|
||||
value=key['value'],
|
||||
)
|
||||
|
||||
if not key_id_for_update:
|
||||
self.changed = True
|
||||
if not self._module.check_mode:
|
||||
auth_keys_service.add(auth_key)
|
||||
else:
|
||||
# We cannot really distinguish here if it was really updated cause
|
||||
# we cannot take key value to check if it was changed or not. So
|
||||
# for sure we update here always.
|
||||
self.changed = True
|
||||
if not self._module.check_mode:
|
||||
auth_key_service = (
|
||||
auth_keys_service.key_service(key_id_for_update)
|
||||
)
|
||||
auth_key_service.update(auth_key)
|
||||
|
||||
|
||||
def _external_provider_service(provider_type, system_service):
|
||||
if provider_type == 'os_image':
|
||||
if provider_type == OS_IMAGE:
|
||||
return otypes.OpenStackImageProvider, system_service.openstack_image_providers_service()
|
||||
elif provider_type == 'network':
|
||||
elif provider_type == NETWORK:
|
||||
return otypes.OpenStackNetworkProvider, system_service.openstack_network_providers_service()
|
||||
elif provider_type == 'os_volume':
|
||||
elif provider_type == OS_VOLUME:
|
||||
return otypes.OpenStackVolumeProvider, system_service.openstack_volume_providers_service()
|
||||
elif provider_type == 'foreman':
|
||||
elif provider_type == FOREMAN:
|
||||
return otypes.ExternalHostProvider, system_service.external_host_providers_service()
|
||||
|
||||
|
||||
|
@ -224,7 +336,7 @@ def main():
|
|||
default=None,
|
||||
required=True,
|
||||
choices=[
|
||||
'os_image', 'network', 'os_volume', 'foreman',
|
||||
OS_IMAGE, NETWORK, OS_VOLUME, FOREMAN,
|
||||
],
|
||||
aliases=['provider'],
|
||||
),
|
||||
|
@ -239,6 +351,9 @@ def main():
|
|||
default='external',
|
||||
choices=['external', 'neutron'],
|
||||
),
|
||||
authentication_keys=dict(
|
||||
default=[], aliases=['auth_keys'], type='list', no_log=True,
|
||||
),
|
||||
)
|
||||
module = AnsibleModule(
|
||||
argument_spec=argument_spec,
|
||||
|
@ -254,8 +369,9 @@ def main():
|
|||
try:
|
||||
auth = module.params.pop('auth')
|
||||
connection = create_connection(auth)
|
||||
provider_type_param = module.params.get('type')
|
||||
provider_type, external_providers_service = _external_provider_service(
|
||||
provider_type=module.params.get('type'),
|
||||
provider_type=provider_type_param,
|
||||
system_service=connection.system_service(),
|
||||
)
|
||||
external_providers_module = ExternalProviderModule(
|
||||
|
@ -270,8 +386,18 @@ def main():
|
|||
ret = external_providers_module.remove()
|
||||
elif state == 'present':
|
||||
ret = external_providers_module.create()
|
||||
openstack_volume_provider_id = ret.get('id')
|
||||
if (
|
||||
provider_type_param == OS_VOLUME and
|
||||
openstack_volume_provider_id
|
||||
):
|
||||
external_providers_module.update_volume_provider_auth_keys(
|
||||
ret, external_providers_service,
|
||||
module.params.get('authentication_keys'),
|
||||
)
|
||||
|
||||
module.exit_json(**ret)
|
||||
|
||||
except Exception as e:
|
||||
module.fail_json(msg=str(e), exception=traceback.format_exc())
|
||||
finally:
|
||||
|
|
Loading…
Add table
Reference in a new issue