#!/usr/bin/python # -*- coding: utf-8 -*- # Copyright 2015 Cristian van Ee # Copyright 2015 Igor Gnatenko # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . # DOCUMENTATION = ''' --- module: dnf version_added: 1.9 short_description: Manages packages with the I(dnf) package manager description: - Installs, upgrade, removes, and lists packages and groups with the I(dnf) package manager. options: name: description: - "Package name, or package specifier with version, like C(name-1.0). When using state=latest, this can be '*' which means run: dnf -y update. You can also pass a url or a local path to a rpm file." required: true default: null aliases: [] list: description: - Various (non-idempotent) commands for usage with C(/usr/bin/ansible) and I(not) playbooks. See examples. required: false default: null state: description: - Whether to install (C(present), C(latest)), or remove (C(absent)) a package. required: false choices: [ "present", "latest", "absent" ] default: "present" enablerepo: description: - I(Repoid) of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",". required: false default: null aliases: [] disablerepo: description: - I(Repoid) of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",". required: false default: null aliases: [] conf_file: description: - The remote dnf configuration file to use for the transaction. required: false default: null aliases: [] disable_gpg_check: description: - Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is I(present) or I(latest). required: false default: "no" choices: ["yes", "no"] aliases: [] notes: [] # informational: requirements for nodes requirements: - "python >= 2.6" - python-dnf author: - '"Igor Gnatenko (@ignatenkobrain)" ' - '"Cristian van Ee (@DJMuggs)" ' ''' EXAMPLES = ''' - name: install the latest version of Apache dnf: name=httpd state=latest - name: remove the Apache package dnf: name=httpd state=absent - name: install the latest version of Apache from the testing repo dnf: name=httpd enablerepo=testing state=present - name: upgrade all packages dnf: name=* state=latest - name: install the nginx rpm from a remote repo dnf: name=http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm state=present - name: install nginx rpm from a local file dnf: name=/usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm state=present - name: install the 'Development tools' package group dnf: name="@Development tools" state=present ''' import os try: import dnf from dnf import cli, const, exceptions, subject, util HAS_DNF = True except ImportError: HAS_DNF = False def _fail_if_no_dnf(module): """Fail if unable to import dnf.""" if not HAS_DNF: module.fail_json( msg="`python2-dnf` is not installed, but it is required for the Ansible dnf module.") def _configure_base(module, base, conf_file, disable_gpg_check): """Configure the dnf Base object.""" conf = base.conf # Turn off debug messages in the output conf.debuglevel = 0 # Set whether to check gpg signatures conf.gpgcheck = not disable_gpg_check # Don't prompt for user confirmations conf.assumeyes = True # Change the configuration file path if provided if conf_file: # Fail if we can't read the configuration file. if not os.access(conf_file, os.R_OK): module.fail_json( msg="cannot read configuration file", conf_file=conf_file) else: conf.config_file_path = conf_file # Read the configuration file conf.read() def _specify_repositories(base, disablerepo, enablerepo): """Enable and disable repositories matching the provided patterns.""" base.read_all_repos() repos = base.repos # Disable repositories for repo_pattern in disablerepo: for repo in repos.get_matching(repo_pattern): repo.disable() # Enable repositories for repo_pattern in enablerepo: for repo in repos.get_matching(repo_pattern): repo.enable() def _base(module, conf_file, disable_gpg_check, disablerepo, enablerepo): """Return a fully configured dnf Base object.""" base = dnf.Base() _configure_base(module, base, conf_file, disable_gpg_check) _specify_repositories(base, disablerepo, enablerepo) base.fill_sack() return base def _package_dict(package): """Return a dictionary of information for the package.""" # NOTE: This no longer contains the 'dnfstate' field because it is # already known based on the query type. result = { 'name': package.name, 'arch': package.arch, 'epoch': str(package.epoch), 'release': package.release, 'version': package.version, 'repo': package.repoid} result['nevra'] = '{epoch}:{name}-{version}-{release}.{arch}'.format( **result) return result def list_items(module, base, command): """List package info based on the command.""" # Rename updates to upgrades if command == 'updates': command = 'upgrades' # Return the corresponding packages if command in ['installed', 'upgrades', 'available']: results = [ _package_dict(package) for package in getattr(base.sack.query(), command)()] # Return the enabled repository ids elif command in ['repos', 'repositories']: results = [ {'repoid': repo.id, 'state': 'enabled'} for repo in base.repos.iter_enabled()] # Return any matching packages else: packages = subject.Subject(command).get_best_query(base.sack) results = [_package_dict(package) for package in packages] module.exit_json(results=results) def _mark_package_install(module, base, pkg_spec): """Mark the package for install.""" try: base.install(pkg_spec) except exceptions.MarkingError: module.fail_json(msg="No package {} available.".format(pkg_spec)) def ensure(module, base, state, names): allow_erasing = False if names == ['*'] and state == 'latest': base.upgrade_all() else: pkg_specs, group_specs, filenames = cli.commands.parse_spec_group_file( names) if group_specs: base.read_comps() groups = [] for group_spec in group_specs: group = base.comps.group_by_pattern(group_spec) if group: groups.append(group) else: module.fail_json( msg="No group {} available.".format(group_spec)) if state in ['installed', 'present']: # Install files. for filename in filenames: base.package_install(base.add_remote_rpm(filename)) # Install groups. for group in groups: base.group_install(group, const.GROUP_PACKAGE_TYPES) # Install packages. for pkg_spec in pkg_specs: _mark_package_install(module, base, pkg_spec) elif state == 'latest': # "latest" is same as "installed" for filenames. for filename in filenames: base.package_install(base.add_remote_rpm(filename)) for group in groups: try: base.group_upgrade(group) except exceptions.CompsError: # If not already installed, try to install. base.group_install(group, const.GROUP_PACKAGE_TYPES) for pkg_spec in pkg_specs: # best effort causes to install the latest package # even if not previously installed base.conf.best = True base.install(pkg_spec) else: # state == absent if filenames: module.fail_json( msg="Cannot remove paths -- please specify package name.") installed = base.sack.query().installed() for group in groups: if installed.filter(name=group.name): base.group_remove(group) for pkg_spec in pkg_specs: if installed.filter(name=pkg_spec): base.remove(pkg_spec) # Like the dnf CLI we want to allow recursive removal of dependent # packages allow_erasing = True if not base.resolve(allow_erasing=allow_erasing): module.exit_json(msg="Nothing to do") else: if module.check_mode: module.exit_json(changed=True) base.download_packages(base.transaction.install_set) base.do_transaction() response = {'changed': True, 'results': []} for package in base.transaction.install_set: response['results'].append("Installed: {}".format(package)) for package in base.transaction.remove_set: response['results'].append("Removed: {}".format(package)) module.exit_json(**response) def main(): """The main function.""" module = AnsibleModule( argument_spec=dict( name=dict(aliases=['pkg'], type='list'), state=dict( default='installed', choices=[ 'absent', 'present', 'installed', 'removed', 'latest']), enablerepo=dict(type='list', default=[]), disablerepo=dict(type='list', default=[]), list=dict(), conf_file=dict(default=None, type='path'), disable_gpg_check=dict(default=False, type='bool'), ), required_one_of=[['name', 'list']], mutually_exclusive=[['name', 'list']], supports_check_mode=True) params = module.params _fail_if_no_dnf(module) if params['list']: base = _base( module, params['conf_file'], params['disable_gpg_check'], params['disablerepo'], params['enablerepo']) list_items(module, base, params['list']) else: # Note: base takes a long time to run so we want to check for failure # before running it. if not util.am_i_root(): module.fail_json(msg="This command has to be run under the root user.") base = _base( module, params['conf_file'], params['disable_gpg_check'], params['disablerepo'], params['enablerepo']) ensure(module, base, params['state'], params['name']) # import module snippets from ansible.module_utils.basic import * if __name__ == '__main__': main()