diff options
Diffstat (limited to 'filter_plugins')
-rw-r--r-- | filter_plugins/oo_filters.py | 285 | ||||
-rw-r--r-- | filter_plugins/openshift_node.py | 43 | ||||
-rw-r--r-- | filter_plugins/openshift_version.py | 4 |
3 files changed, 245 insertions, 87 deletions
diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 8b279981d..f9564499d 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -194,10 +194,10 @@ def oo_select_keys_from_list(data, keys): """ if not isinstance(data, list): - raise errors.AnsibleFilterError("|failed expects to filter on a list") + raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects to filter on a list") if not isinstance(keys, list): - raise errors.AnsibleFilterError("|failed expects first param is a list") + raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects first param is a list") # Gather up the values for the list of keys passed in retval = [oo_select_keys(item, keys) for item in data] @@ -213,10 +213,10 @@ def oo_select_keys(data, keys): """ if not isinstance(data, Mapping): - raise errors.AnsibleFilterError("|failed expects to filter on a dict or object") + raise errors.AnsibleFilterError("|oo_select_keys failed expects to filter on a dict or object") if not isinstance(keys, list): - raise errors.AnsibleFilterError("|failed expects first param is a list") + raise errors.AnsibleFilterError("|oo_select_keys failed expects first param is a list") # Gather up the values for the list of keys passed in retval = [data[key] for key in keys if key in data] @@ -707,33 +707,31 @@ def oo_openshift_env(hostvars): if regex.match(key): facts[key] = hostvars[key] - migrations = {'openshift_router_selector': 'openshift_hosted_router_selector', - 'openshift_registry_selector': 'openshift_hosted_registry_selector'} - for old_fact, new_fact in migrations.items(): - if old_fact in facts and new_fact not in facts: - facts[new_fact] = facts[old_fact] return facts -# pylint: disable=too-many-branches, too-many-nested-blocks -def oo_persistent_volumes(hostvars, groups, persistent_volumes=None): +# pylint: disable=too-many-branches, too-many-nested-blocks, too-many-statements, too-many-locals +def oo_component_persistent_volumes(hostvars, groups, component, subcomponent=None): """ Generate list of persistent volumes based on oo_openshift_env - storage options set in host variables. + storage options set in host variables for a specific component. """ if not issubclass(type(hostvars), dict): raise errors.AnsibleFilterError("|failed expects hostvars is a dict") if not issubclass(type(groups), dict): raise errors.AnsibleFilterError("|failed expects groups is a dict") - if persistent_volumes is not None and not issubclass(type(persistent_volumes), list): - raise errors.AnsibleFilterError("|failed expects persistent_volumes is a list") - if persistent_volumes is None: - persistent_volumes = [] - if 'hosted' in hostvars['openshift']: - for component in hostvars['openshift']['hosted']: - if 'storage' in hostvars['openshift']['hosted'][component]: - params = hostvars['openshift']['hosted'][component]['storage'] - kind = params['kind'] + persistent_volume = None + + if component in hostvars['openshift']: + if subcomponent is not None: + storage_component = hostvars['openshift'][component][subcomponent] + else: + storage_component = hostvars['openshift'][component] + + if 'storage' in storage_component: + params = storage_component['storage'] + kind = params['kind'] + if 'create_pv' in params: create_pv = params['create_pv'] if kind is not None and create_pv: if kind == 'nfs': @@ -747,34 +745,48 @@ def oo_persistent_volumes(hostvars, groups, persistent_volumes=None): volume = params['volume']['name'] path = directory + '/' + volume size = params['volume']['size'] + if 'labels' in params: + labels = params['labels'] + else: + labels = dict() access_modes = params['access']['modes'] persistent_volume = dict( name="{0}-volume".format(volume), capacity=size, + labels=labels, access_modes=access_modes, storage=dict( nfs=dict( server=host, path=path))) - persistent_volumes.append(persistent_volume) + elif kind == 'openstack': volume = params['volume']['name'] size = params['volume']['size'] + if 'labels' in params: + labels = params['labels'] + else: + labels = dict() access_modes = params['access']['modes'] filesystem = params['openstack']['filesystem'] volume_id = params['openstack']['volumeID'] persistent_volume = dict( name="{0}-volume".format(volume), capacity=size, + labels=labels, access_modes=access_modes, storage=dict( cinder=dict( fsType=filesystem, volumeID=volume_id))) - persistent_volumes.append(persistent_volume) + elif kind == 'glusterfs': volume = params['volume']['name'] size = params['volume']['size'] + if 'labels' in params: + labels = params['labels'] + else: + labels = dict() access_modes = params['access']['modes'] endpoints = params['glusterfs']['endpoints'] path = params['glusterfs']['path'] @@ -782,21 +794,101 @@ def oo_persistent_volumes(hostvars, groups, persistent_volumes=None): persistent_volume = dict( name="{0}-volume".format(volume), capacity=size, + labels=labels, access_modes=access_modes, storage=dict( glusterfs=dict( endpoints=endpoints, path=path, readOnly=read_only))) - persistent_volumes.append(persistent_volume) + elif not (kind == 'object' or kind == 'dynamic'): msg = "|failed invalid storage kind '{0}' for component '{1}'".format( kind, component) raise errors.AnsibleFilterError(msg) + return persistent_volume + + +# pylint: disable=too-many-branches, too-many-nested-blocks, too-many-statements +def oo_persistent_volumes(hostvars, groups, persistent_volumes=None): + """ Generate list of persistent volumes based on oo_openshift_env + storage options set in host variables. + """ + if not issubclass(type(hostvars), dict): + raise errors.AnsibleFilterError("|failed expects hostvars is a dict") + if not issubclass(type(groups), dict): + raise errors.AnsibleFilterError("|failed expects groups is a dict") + if persistent_volumes is not None and not issubclass(type(persistent_volumes), list): + raise errors.AnsibleFilterError("|failed expects persistent_volumes is a list") + + if persistent_volumes is None: + persistent_volumes = [] + if 'hosted' in hostvars['openshift']: + for component in hostvars['openshift']['hosted']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'hosted', component) + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) + + if 'logging' in hostvars['openshift']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'logging') + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) + if 'loggingops' in hostvars['openshift']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'loggingops') + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) + if 'metrics' in hostvars['openshift']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'metrics') + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) + if 'prometheus' in hostvars['openshift']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'prometheus') + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) + if 'alertmanager' in hostvars['openshift']['prometheus']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'prometheus', 'alertmanager') + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) + if 'alertbuffer' in hostvars['openshift']['prometheus']: + persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'prometheus', 'alertbuffer') + if persistent_volume is not None: + persistent_volumes.append(persistent_volume) return persistent_volumes +def oo_component_pv_claims(hostvars, component, subcomponent=None): + """ Generate list of persistent volume claims based on oo_openshift_env + storage options set in host variables for a speicific component. + """ + if not issubclass(type(hostvars), dict): + raise errors.AnsibleFilterError("|failed expects hostvars is a dict") + + if component in hostvars['openshift']: + if subcomponent is not None: + storage_component = hostvars['openshift'][component][subcomponent] + else: + storage_component = hostvars['openshift'][component] + + if 'storage' in storage_component: + params = storage_component['storage'] + kind = params['kind'] + if 'create_pv' in params: + if 'create_pvc' in params: + create_pv = params['create_pv'] + create_pvc = params['create_pvc'] + if kind not in [None, 'object'] and create_pv and create_pvc: + volume = params['volume']['name'] + size = params['volume']['size'] + access_modes = params['access']['modes'] + persistent_volume_claim = dict( + name="{0}-claim".format(volume), + capacity=size, + access_modes=access_modes) + return persistent_volume_claim + return None + + def oo_persistent_volume_claims(hostvars, persistent_volume_claims=None): """ Generate list of persistent volume claims based on oo_openshift_env storage options set in host variables. @@ -810,20 +902,34 @@ def oo_persistent_volume_claims(hostvars, persistent_volume_claims=None): persistent_volume_claims = [] if 'hosted' in hostvars['openshift']: for component in hostvars['openshift']['hosted']: - if 'storage' in hostvars['openshift']['hosted'][component]: - params = hostvars['openshift']['hosted'][component]['storage'] - kind = params['kind'] - create_pv = params['create_pv'] - create_pvc = params['create_pvc'] - if kind not in [None, 'object'] and create_pv and create_pvc: - volume = params['volume']['name'] - size = params['volume']['size'] - access_modes = params['access']['modes'] - persistent_volume_claim = dict( - name="{0}-claim".format(volume), - capacity=size, - access_modes=access_modes) - persistent_volume_claims.append(persistent_volume_claim) + persistent_volume_claim = oo_component_pv_claims(hostvars, 'hosted', component) + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) + + if 'logging' in hostvars['openshift']: + persistent_volume_claim = oo_component_pv_claims(hostvars, 'logging') + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) + if 'loggingops' in hostvars['openshift']: + persistent_volume_claim = oo_component_pv_claims(hostvars, 'loggingops') + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) + if 'metrics' in hostvars['openshift']: + persistent_volume_claim = oo_component_pv_claims(hostvars, 'metrics') + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) + if 'prometheus' in hostvars['openshift']: + persistent_volume_claim = oo_component_pv_claims(hostvars, 'prometheus') + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) + if 'alertmanager' in hostvars['openshift']['prometheus']: + persistent_volume_claim = oo_component_pv_claims(hostvars, 'prometheus', 'alertmanager') + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) + if 'alertbuffer' in hostvars['openshift']['prometheus']: + persistent_volume_claim = oo_component_pv_claims(hostvars, 'prometheus', 'alertbuffer') + if persistent_volume_claim is not None: + persistent_volume_claims.append(persistent_volume_claim) return persistent_volume_claims @@ -862,10 +968,8 @@ def oo_pods_match_component(pods, deployment_type, component): raise errors.AnsibleFilterError("failed expects component to be a string") image_prefix = 'openshift/origin-' - if deployment_type in ['enterprise', 'online', 'openshift-enterprise']: + if deployment_type == 'openshift-enterprise': image_prefix = 'openshift3/ose-' - elif deployment_type == 'atomic-enterprise': - image_prefix = 'aep3_beta/aep-' matching_pods = [] image_regex = image_prefix + component + r'.*' @@ -994,6 +1098,100 @@ def oo_random_word(length, source='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRS return ''.join(random.choice(source) for i in range(length)) +def oo_contains_rule(source, apiGroups, resources, verbs): + '''Return true if the specified rule is contained within the provided source''' + + rules = source['rules'] + + if rules: + for rule in rules: + if set(rule['apiGroups']) == set(apiGroups): + if set(rule['resources']) == set(resources): + if set(rule['verbs']) == set(verbs): + return True + + return False + + +def oo_selector_to_string_list(user_dict): + """Convert a dict of selectors to a key=value list of strings + +Given input of {'region': 'infra', 'zone': 'primary'} returns a list +of items as ['region=infra', 'zone=primary'] + """ + selectors = [] + for key in user_dict: + selectors.append("{}={}".format(key, user_dict[key])) + return selectors + + +def oo_filter_sa_secrets(sa_secrets, secret_hint='-token-'): + """Parse the Service Account Secrets list, `sa_secrets`, (as from +oc_serviceaccount_secret:state=list) and return the name of the secret +containing the `secret_hint` string. For example, by default this will +return the name of the secret holding the SA bearer token. + +Only provide the 'results' object to this filter. This filter expects +to receive a list like this: + + [ + { + "name": "management-admin-dockercfg-p31s2" + }, + { + "name": "management-admin-token-bnqsh" + } + ] + + +Returns: + +* `secret_name` [string] - The name of the secret matching the + `secret_hint` parameter. By default this is the secret holding the + SA's bearer token. + +Example playbook usage: + +Register a return value from oc_serviceaccount_secret with and pass +that result to this filter plugin. + + - name: Get all SA Secrets + oc_serviceaccount_secret: + state: list + service_account: management-admin + namespace: management-infra + register: sa + + - name: Save the SA bearer token secret name + set_fact: + management_token: "{{ sa.results | oo_filter_sa_secrets }}" + + - name: Get the SA bearer token value + oc_secret: + state: list + name: "{{ management_token }}" + namespace: management-infra + decode: true + register: sa_secret + + - name: Print the bearer token value + debug: + var: sa_secret.results.decoded.token + + """ + secret_name = None + + for secret in sa_secrets: + # each secret is a hash + if secret['name'].find(secret_hint) == -1: + continue + else: + secret_name = secret['name'] + break + + return secret_name + + class FilterModule(object): """ Custom ansible filter mapping """ @@ -1034,5 +1232,8 @@ class FilterModule(object): "oo_openshift_loadbalancer_frontends": oo_openshift_loadbalancer_frontends, "oo_openshift_loadbalancer_backends": oo_openshift_loadbalancer_backends, "to_padded_yaml": to_padded_yaml, - "oo_random_word": oo_random_word + "oo_random_word": oo_random_word, + "oo_contains_rule": oo_contains_rule, + "oo_selector_to_string_list": oo_selector_to_string_list, + "oo_filter_sa_secrets": oo_filter_sa_secrets, } diff --git a/filter_plugins/openshift_node.py b/filter_plugins/openshift_node.py deleted file mode 100644 index cad95ea6d..000000000 --- a/filter_plugins/openshift_node.py +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -''' -Custom filters for use in openshift-node -''' -from ansible import errors - - -class FilterModule(object): - ''' Custom ansible filters for use by openshift_node role''' - - @staticmethod - def get_dns_ip(openshift_dns_ip, hostvars): - ''' Navigates the complicated logic of when to set dnsIP - - In all situations if they've set openshift_dns_ip use that - For 1.0/3.0 installs we use the openshift_master_cluster_vip, openshift_node_first_master_ip, else None - For 1.1/3.1 installs we use openshift_master_cluster_vip, else None (product will use kube svc ip) - For 1.2/3.2+ installs we set to the node's default interface ip - ''' - - if not issubclass(type(hostvars), dict): - raise errors.AnsibleFilterError("|failed expects hostvars is a dict") - - # We always use what they've specified if they've specified a value - if openshift_dns_ip is not None: - return openshift_dns_ip - - if bool(hostvars['openshift']['common']['use_dnsmasq']): - return hostvars['ansible_default_ipv4']['address'] - elif bool(hostvars['openshift']['common']['version_gte_3_1_or_1_1']): - if 'openshift_master_cluster_vip' in hostvars: - return hostvars['openshift_master_cluster_vip'] - else: - if 'openshift_master_cluster_vip' in hostvars: - return hostvars['openshift_master_cluster_vip'] - elif 'openshift_node_first_master_ip' in hostvars: - return hostvars['openshift_node_first_master_ip'] - return None - - def filters(self): - ''' returns a mapping of filters to methods ''' - return {'get_dns_ip': self.get_dns_ip} diff --git a/filter_plugins/openshift_version.py b/filter_plugins/openshift_version.py index 809e82488..c515f1a71 100644 --- a/filter_plugins/openshift_version.py +++ b/filter_plugins/openshift_version.py @@ -33,10 +33,10 @@ def legacy_gte_function_builder(name, versions): returns True/False """ version_gte = False - if 'enterprise' in deployment_type: + if deployment_type == 'openshift-enterprise': if str(version) >= LooseVersion(enterprise_version): version_gte = True - elif 'origin' in deployment_type: + else: if str(version) >= LooseVersion(origin_version): version_gte = True return version_gte |