mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-25 14:20:22 -07:00
VMware: Improve output of vmware_local_role_facts (#47871)
This commit is contained in:
parent
899e5645ed
commit
754c377dbd
3 changed files with 50 additions and 36 deletions
|
@ -108,6 +108,7 @@ Noteworthy module changes
|
||||||
* The ``win_get_url`` module has removed the deprecated ``skip_certificate_validation`` option, use the standardised
|
* The ``win_get_url`` module has removed the deprecated ``skip_certificate_validation`` option, use the standardised
|
||||||
``validate_certs`` option instead.
|
``validate_certs`` option instead.
|
||||||
|
|
||||||
|
* The ``vmware_local_role_facts`` module now returns a list of dicts instead of a dict of dicts for role information.
|
||||||
|
|
||||||
Plugins
|
Plugins
|
||||||
=======
|
=======
|
||||||
|
|
|
@ -27,6 +27,7 @@ author:
|
||||||
notes:
|
notes:
|
||||||
- Tested on ESXi 6.5
|
- Tested on ESXi 6.5
|
||||||
- Be sure that the ESXi user used for login, has the appropriate rights to view roles
|
- Be sure that the ESXi user used for login, has the appropriate rights to view roles
|
||||||
|
- The module returns a list of dict in version 2.8 and above.
|
||||||
requirements:
|
requirements:
|
||||||
- "python >= 2.6"
|
- "python >= 2.6"
|
||||||
- PyVmomi
|
- PyVmomi
|
||||||
|
@ -53,8 +54,8 @@ local_role_facts:
|
||||||
description: Facts about role present on ESXi host
|
description: Facts about role present on ESXi host
|
||||||
returned: always
|
returned: always
|
||||||
type: dict
|
type: dict
|
||||||
sample: {
|
sample: [
|
||||||
"AnsiUser1": {
|
{
|
||||||
"privileges": [
|
"privileges": [
|
||||||
"Alarm.Acknowledge",
|
"Alarm.Acknowledge",
|
||||||
"Alarm.Create",
|
"Alarm.Create",
|
||||||
|
@ -64,16 +65,18 @@ local_role_facts:
|
||||||
"role_id": -12,
|
"role_id": -12,
|
||||||
"role_info_label": "Ansible User",
|
"role_info_label": "Ansible User",
|
||||||
"role_info_summary": "Ansible Automation user",
|
"role_info_summary": "Ansible Automation user",
|
||||||
|
"role_name": "AnsiUser1",
|
||||||
"role_system": true
|
"role_system": true
|
||||||
},
|
},
|
||||||
"NoAccess": {
|
{
|
||||||
"privileges": [],
|
"privileges": [],
|
||||||
"role_id": -5,
|
"role_id": -5,
|
||||||
"role_info_label": "No access",
|
"role_info_label": "No access",
|
||||||
"role_info_summary": "Used for restricting granted access",
|
"role_info_summary": "Used for restricting granted access",
|
||||||
|
"role_name": "NoAccess",
|
||||||
"role_system": true
|
"role_system": true
|
||||||
},
|
},
|
||||||
"View": {
|
{
|
||||||
"privileges": [
|
"privileges": [
|
||||||
"System.Anonymous",
|
"System.Anonymous",
|
||||||
"System.View"
|
"System.View"
|
||||||
|
@ -81,9 +84,10 @@ local_role_facts:
|
||||||
"role_id": -3,
|
"role_id": -3,
|
||||||
"role_info_label": "View",
|
"role_info_label": "View",
|
||||||
"role_info_summary": "Visibility access (cannot be granted)",
|
"role_info_summary": "Visibility access (cannot be granted)",
|
||||||
|
"role_name": "View",
|
||||||
"role_system": true
|
"role_system": true
|
||||||
}
|
}
|
||||||
}
|
]
|
||||||
'''
|
'''
|
||||||
|
|
||||||
from ansible.module_utils.basic import AnsibleModule
|
from ansible.module_utils.basic import AnsibleModule
|
||||||
|
@ -91,31 +95,38 @@ from ansible.module_utils.vmware import PyVmomi, vmware_argument_spec
|
||||||
|
|
||||||
|
|
||||||
class VMwareLocalRoleFacts(PyVmomi):
|
class VMwareLocalRoleFacts(PyVmomi):
|
||||||
|
"""Class to manage local role facts"""
|
||||||
def __init__(self, module):
|
def __init__(self, module):
|
||||||
super(VMwareLocalRoleFacts, self).__init__(module)
|
super(VMwareLocalRoleFacts, self).__init__(module)
|
||||||
self.module = module
|
self.module = module
|
||||||
self.params = module.params
|
self.params = module.params
|
||||||
|
|
||||||
if self.content.authorizationManager is None:
|
if self.content.authorizationManager is None:
|
||||||
self.module.fail_json(msg="Failed to get local authorization manager settings.",
|
self.module.fail_json(
|
||||||
details="It seems that %s is a vCenter server "
|
msg="Failed to get local authorization manager settings.",
|
||||||
"instead of an ESXi server" % self.params['hostname'])
|
details="It seems that '%s' is a vCenter server instead of an ESXi server" % self.params['hostname']
|
||||||
|
)
|
||||||
|
|
||||||
def gather_local_role_facts(self):
|
def gather_local_role_facts(self):
|
||||||
results = dict()
|
"""Gather facts about local roles"""
|
||||||
|
results = list()
|
||||||
for role in self.content.authorizationManager.roleList:
|
for role in self.content.authorizationManager.roleList:
|
||||||
results[role.name] = dict(
|
results.append(
|
||||||
role_id=role.roleId,
|
dict(
|
||||||
privileges=[priv_name for priv_name in role.privilege],
|
role_name=role.name,
|
||||||
role_system=role.system,
|
role_id=role.roleId,
|
||||||
role_info_label=role.info.label,
|
privileges=[priv_name for priv_name in role.privilege],
|
||||||
role_info_summary=role.info.summary,
|
role_system=role.system,
|
||||||
|
role_info_label=role.info.label,
|
||||||
|
role_info_summary=role.info.summary,
|
||||||
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
self.module.exit_json(changed=False, local_role_facts=results)
|
self.module.exit_json(changed=False, local_role_facts=results)
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
"""Main"""
|
||||||
argument_spec = vmware_argument_spec()
|
argument_spec = vmware_argument_spec()
|
||||||
module = AnsibleModule(argument_spec=argument_spec,
|
module = AnsibleModule(argument_spec=argument_spec,
|
||||||
supports_check_mode=True)
|
supports_check_mode=True)
|
||||||
|
|
|
@ -2,6 +2,15 @@
|
||||||
# Copyright: (c) 2018, Abhijeet Kasurde <akasurde@redhat.com>
|
# Copyright: (c) 2018, Abhijeet Kasurde <akasurde@redhat.com>
|
||||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
|
||||||
|
- name: Set list of Roles in fact
|
||||||
|
set_fact:
|
||||||
|
role_list:
|
||||||
|
- Admin
|
||||||
|
- NoCryptoAdmin
|
||||||
|
- NoAccess
|
||||||
|
- Anonymous
|
||||||
|
- ReadOnly
|
||||||
|
|
||||||
- name: store the vcenter container ip
|
- name: store the vcenter container ip
|
||||||
set_fact:
|
set_fact:
|
||||||
vcsim: "{{ lookup('env', 'vcenter_host') }}"
|
vcsim: "{{ lookup('env', 'vcenter_host') }}"
|
||||||
|
@ -30,40 +39,33 @@
|
||||||
|
|
||||||
- debug: var=vcsim_instance
|
- debug: var=vcsim_instance
|
||||||
|
|
||||||
- name: Gather facts about local role on ESXi
|
- name: Gather Role facts
|
||||||
vmware_local_role_facts:
|
vmware_local_role_facts:
|
||||||
hostname: "{{ vcsim }}"
|
hostname: "{{ vcsim }}"
|
||||||
username: "{{ vcsim_instance['json']['username'] }}"
|
username: "{{ vcsim_instance['json']['username'] }}"
|
||||||
password: "{{ vcsim_instance['json']['password'] }}"
|
password: "{{ vcsim_instance['json']['password'] }}"
|
||||||
validate_certs: no
|
validate_certs: no
|
||||||
register: fact_details
|
register: role_details
|
||||||
|
|
||||||
- name: verify if role is defined
|
- name: Test if role id is present for role
|
||||||
assert:
|
assert:
|
||||||
that:
|
that: "{{ role_details.local_role_facts | json_query(s_query) != [] }}"
|
||||||
- "{{ fact_details.changed == false }}"
|
vars:
|
||||||
- "{{ fact_details.local_role_facts['Admin']['privileges'] is defined }}"
|
s_query: "[?role_name == '{{ item }}'].role_id"
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_id'] is defined }}"
|
with_items: "{{ role_list }}"
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_info_label'] is defined }}"
|
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_info_summary'] is defined }}"
|
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_system'] is defined }}"
|
|
||||||
|
|
||||||
|
- name: Gather Role facts in check mode
|
||||||
- name: Gather facts about local role on ESXi in check mode
|
|
||||||
vmware_local_role_facts:
|
vmware_local_role_facts:
|
||||||
hostname: "{{ vcsim }}"
|
hostname: "{{ vcsim }}"
|
||||||
username: "{{ vcsim_instance['json']['username'] }}"
|
username: "{{ vcsim_instance['json']['username'] }}"
|
||||||
password: "{{ vcsim_instance['json']['password'] }}"
|
password: "{{ vcsim_instance['json']['password'] }}"
|
||||||
validate_certs: no
|
validate_certs: no
|
||||||
register: fact_details
|
register: role_details
|
||||||
check_mode: yes
|
check_mode: yes
|
||||||
|
|
||||||
- name: verify if role is defined in check mode
|
- name: Test if role id is present for role
|
||||||
assert:
|
assert:
|
||||||
that:
|
that: "{{ role_details.local_role_facts | json_query(s_query) != [] }}"
|
||||||
- "{{ fact_details.changed == false }}"
|
vars:
|
||||||
- "{{ fact_details.local_role_facts['Admin']['privileges'] is defined }}"
|
s_query: "[?role_name == '{{ item }}'].role_id"
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_id'] is defined }}"
|
with_items: "{{ role_list }}"
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_info_label'] is defined }}"
|
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_info_summary'] is defined }}"
|
|
||||||
- "{{ fact_details.local_role_facts['Admin']['role_system'] is defined }}"
|
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue