diff options
Diffstat (limited to 'roles/lib_openshift/library')
-rw-r--r-- | roles/lib_openshift/library/oc_route.py | 112 |
1 files changed, 68 insertions, 44 deletions
diff --git a/roles/lib_openshift/library/oc_route.py b/roles/lib_openshift/library/oc_route.py index 7c4fa1fbd..982a43ba3 100644 --- a/roles/lib_openshift/library/oc_route.py +++ b/roles/lib_openshift/library/oc_route.py @@ -145,6 +145,12 @@ options: required: false default: None aliases: [] + port: + description: + - The Name of the service port or number of the container port the route will route traffic to + required: false + default: None + aliases: [] author: - "Kenny Woodson <kwoodson@redhat.com>" extends_documentation_fragment: [] @@ -1324,7 +1330,8 @@ class RouteConfig(object): tls_termination=None, service_name=None, wildcard_policy=None, - weight=None): + weight=None, + port=None): ''' constructor for handling route options ''' self.kubeconfig = kubeconfig self.name = sname @@ -1336,6 +1343,7 @@ class RouteConfig(object): self.cert = cert self.key = key self.service_name = service_name + self.port = port self.data = {} self.wildcard_policy = wildcard_policy if wildcard_policy is None: @@ -1360,12 +1368,15 @@ class RouteConfig(object): if self.tls_termination: self.data['spec']['tls'] = {} + self.data['spec']['tls']['termination'] = self.tls_termination + + if self.tls_termination != 'passthrough': + self.data['spec']['tls']['key'] = self.key + self.data['spec']['tls']['caCertificate'] = self.cacert + self.data['spec']['tls']['certificate'] = self.cert + if self.tls_termination == 'reencrypt': self.data['spec']['tls']['destinationCACertificate'] = self.destcacert - self.data['spec']['tls']['key'] = self.key - self.data['spec']['tls']['caCertificate'] = self.cacert - self.data['spec']['tls']['certificate'] = self.cert - self.data['spec']['tls']['termination'] = self.tls_termination self.data['spec']['to'] = {'kind': 'Service', 'name': self.service_name, @@ -1373,11 +1384,16 @@ class RouteConfig(object): self.data['spec']['wildcardPolicy'] = self.wildcard_policy + if self.port: + self.data['spec']['port'] = {} + self.data['spec']['port']['targetPort'] = self.port + # pylint: disable=too-many-instance-attributes,too-many-public-methods class Route(Yedit): ''' Class to wrap the oc command line tools ''' wildcard_policy = "spec.wildcardPolicy" host_path = "spec.host" + port_path = "spec.port.targetPort" service_path = "spec.to.name" weight_path = "spec.to.weight" cert_path = "spec.tls.certificate" @@ -1423,6 +1439,10 @@ class Route(Yedit): ''' return host ''' return self.get(Route.host_path) + def get_port(self): + ''' return port ''' + return self.get(Route.port_path) + def get_wildcard_policy(self): ''' return wildcardPolicy ''' return self.get(Route.wildcard_policy) @@ -1494,9 +1514,23 @@ class OCRoute(OpenShiftCLI): skip = [] return not Utils.check_def_equal(self.config.data, self.route.yaml_dict, skip_keys=skip, debug=True) + @staticmethod + def get_cert_data(path, content): + '''get the data for a particular value''' + if not path and not content: + return None + + rval = None + if path and os.path.exists(path) and os.access(path, os.R_OK): + rval = open(path).read() + elif content: + rval = content + + return rval + # pylint: disable=too-many-return-statements,too-many-branches @staticmethod - def run_ansible(params, files, check_mode=False): + def run_ansible(params, check_mode=False): ''' run the idempotent asnible code params comes from the ansible portion for this module @@ -1508,6 +1542,30 @@ class OCRoute(OpenShiftCLI): } check_mode: does the module support check mode. (module.check_mode) ''' + files = {'destcacert': {'path': params['dest_cacert_path'], + 'content': params['dest_cacert_content'], + 'value': None, }, + 'cacert': {'path': params['cacert_path'], + 'content': params['cacert_content'], + 'value': None, }, + 'cert': {'path': params['cert_path'], + 'content': params['cert_content'], + 'value': None, }, + 'key': {'path': params['key_path'], + 'content': params['key_content'], + 'value': None, }, } + + if params['tls_termination'] and params['tls_termination'].lower() != 'passthrough': # E501 + + for key, option in files.items(): + if key == 'destcacert' and params['tls_termination'] != 'reencrypt': + continue + + option['value'] = OCRoute.get_cert_data(option['path'], option['content']) # E501 + + if not option['value']: + return {'failed': True, + 'msg': 'Verify that you pass a value for %s' % key} rconfig = RouteConfig(params['name'], params['namespace'], @@ -1520,7 +1578,8 @@ class OCRoute(OpenShiftCLI): params['tls_termination'], params['service_name'], params['wildcard_policy'], - params['weight']) + params['weight'], + params['port']) oc_route = OCRoute(rconfig, verbose=params['debug']) @@ -1604,20 +1663,6 @@ class OCRoute(OpenShiftCLI): # -*- -*- -*- Begin included fragment: ansible/oc_route.py -*- -*- -*- -def get_cert_data(path, content): - '''get the data for a particular value''' - if not path and not content: - return None - - rval = None - if path and os.path.exists(path) and os.access(path, os.R_OK): - rval = open(path).read() - elif content: - rval = content - - return rval - - # pylint: disable=too-many-branches def main(): ''' @@ -1644,6 +1689,7 @@ def main(): host=dict(default=None, type='str'), wildcard_policy=dict(default=None, type='str'), weight=dict(default=None, type='int'), + port=dict(default=None, type='int'), ), mutually_exclusive=[('dest_cacert_path', 'dest_cacert_content'), ('cacert_path', 'cacert_content'), @@ -1651,30 +1697,8 @@ def main(): ('key_path', 'key_content'), ], supports_check_mode=True, ) - files = {'destcacert': {'path': module.params['dest_cacert_path'], - 'content': module.params['dest_cacert_content'], - 'value': None, }, - 'cacert': {'path': module.params['cacert_path'], - 'content': module.params['cacert_content'], - 'value': None, }, - 'cert': {'path': module.params['cert_path'], - 'content': module.params['cert_content'], - 'value': None, }, - 'key': {'path': module.params['key_path'], - 'content': module.params['key_content'], - 'value': None, }, } - - if module.params['tls_termination']: - for key, option in files.items(): - if key == 'destcacert' and module.params['tls_termination'] != 'reencrypt': - continue - - option['value'] = get_cert_data(option['path'], option['content']) - - if not option['value']: - module.fail_json(msg='Verify that you pass a value for %s' % key) - results = OCRoute.run_ansible(module.params, files, module.check_mode) + results = OCRoute.run_ansible(module.params, module.check_mode) if 'failed' in results: module.fail_json(**results) |