ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-04-24 03:11:24 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Add tls parameter to redis module (#4207)

Browse source 
* Add tls parameter to redis module

* Rename changelog fragment to match PR

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Port redis module to redis auth module util

* Update changelogs/fragments/4207-add-redis-tls-support.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/database/misc/redis.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Undo reuse of redis auth doc fragment

* Use doc fragment.

Co-authored-by: Julian Faude <julian.faude@zweiacht.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
jcharlytown 2022-03-11 06:54:38 +01:00 committed by GitHub
parent 10ca62905f
commit 9a74ace1e4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 64 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

54
plugins/module_utils/redis.py
View file

@ -27,20 +27,20 @@ except ImportError:
HAS_CERTIFI_PACKAGE = False
def fail_imports(module):
def fail_imports(module, needs_certifi=True):
errors = []
traceback = []
if not HAS_REDIS_PACKAGE:
errors.append(missing_required_lib('redis'))
traceback.append(REDIS_IMP_ERR)
if not HAS_CERTIFI_PACKAGE:
if not HAS_CERTIFI_PACKAGE and needs_certifi:
errors.append(missing_required_lib('certifi'))
traceback.append(CERTIFI_IMPORT_ERROR)
if errors:
module.fail_json(errors=errors, traceback='\n'.join(traceback))
def redis_auth_argument_spec():
def redis_auth_argument_spec(tls_default=True):
return dict(
login_host=dict(type='str',
default='localhost',),
@ -50,7 +50,7 @@ def redis_auth_argument_spec():
),
login_port=dict(type='int', default=6379),
tls=dict(type='bool',
default=True),
default=tls_default),
validate_certs=dict(type='bool',
default=True
),
@ -58,6 +58,30 @@ def redis_auth_argument_spec():
)
def redis_auth_params(module):
login_host = module.params['login_host']
login_user = module.params['login_user']
login_password = module.params['login_password']
login_port = module.params['login_port']
tls = module.params['tls']
validate_certs = 'required' if module.params['validate_certs'] else None
ca_certs = module.params['ca_certs']
if tls and ca_certs is None:
ca_certs = str(certifi.where())
if tuple(map(int, redis_version.split('.'))) < (3, 4, 0) and login_user is not None:
module.fail_json(
msg='The option `username` in only supported with redis >= 3.4.0.')
params = {'host': login_host,
'port': login_port,
'password': login_password,
'ssl_ca_certs': ca_certs,
'ssl_cert_reqs': validate_certs,
'ssl': tls}
if login_user is not None:
params['username'] = login_user
return params
class RedisAnsible(object):
'''Base class for Redis module'''
@ -66,28 +90,8 @@ class RedisAnsible(object):
self.connection = self._connect()
def _connect(self):
login_host = self.module.params['login_host']
login_user = self.module.params['login_user']
login_password = self.module.params['login_password']
login_port = self.module.params['login_port']
tls = self.module.params['tls']
validate_certs = 'required' if self.module.params['validate_certs'] else None
ca_certs = self.module.params['ca_certs']
if tls and ca_certs is None:
ca_certs = str(certifi.where())
if tuple(map(int, redis_version.split('.'))) < (3, 4, 0) and login_user is not None:
self.module.fail_json(
msg='The option `username` in only supported with redis >= 3.4.0.')
params = {'host': login_host,
'port': login_port,
'password': login_password,
'ssl_ca_certs': ca_certs,
'ssl_cert_reqs': validate_certs,
'ssl': tls}
if login_user is not None:
params['username'] = login_user
try:
return Redis(**params)
return Redis(**redis_auth_params(self.module))
except Exception as e:
self.module.fail_json(msg='{0}'.format(str(e)))
return None