Rabbitmq: Enable communication to management API over HTTPS (#18437)

* Enable communication to management API over HTTPS. * Specify version added tags to new parameters * Set proper parameter type. * Corrected version_added numbers. * Extracted commons to ansible utils. * Fix PEP8 error * Fix documentation extension syntax. Fixes #22953
2025-04-26 20:31:27 -07:00 · 2018-10-10 06:25:08 +02:00 · 2018-10-10 06:25:08 +02:00 · e7ddff1928
commit e7ddff1928
parent 5e67981dd2
5 changed files with 142 additions and 110 deletions
--- a/lib/ansible/modules/messaging/rabbitmq_queue.py
+++ b/lib/ansible/modules/messaging/rabbitmq_queue.py
@ -34,27 +34,6 @@ options:
            - Only present implemented atm
        choices: [ "present", "absent" ]
        default: present
-    login_user:
-        description:
-            - rabbitMQ user for connection
-        default: guest
-    login_password:
-        description:
-            - rabbitMQ password for connection
-        type: bool
-        default: 'no'
-    login_host:
-        description:
-            - rabbitMQ host for connection
-        default: localhost
-    login_port:
-        description:
-            - rabbitMQ management api port
-        default: 15672
-    vhost:
-        description:
-            - rabbitMQ virtual host
-        default: "/"
    durable:
        description:
            - whether queue is durable or not
@ -95,6 +74,8 @@ options:
        description:
            - extra arguments for queue. If defined this argument is a key/value dictionary
        default: {}
+extends_documentation_fragment:
+    - rabbitmq
 '''

 EXAMPLES = '''
@ -120,18 +101,16 @@ except ImportError:

 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.six.moves.urllib import parse as urllib_parse
+from ansible.module_utils.rabbitmq import rabbitmq_argument_spec


 def main():
-    module = AnsibleModule(
-        argument_spec=dict(
+
+    argument_spec = rabbitmq_argument_spec()
+    argument_spec.update(
+        dict(
            state=dict(default='present', choices=['present', 'absent'], type='str'),
            name=dict(required=True, type='str'),
-            login_user=dict(default='guest', type='str'),
-            login_password=dict(default='guest', type='str', no_log=True),
-            login_host=dict(default='localhost', type='str'),
-            login_port=dict(default='15672', type='str'),
-            vhost=dict(default='/', type='str'),
            durable=dict(default=True, type='bool'),
            auto_delete=dict(default=False, type='bool'),
            message_ttl=dict(default=None, type='int'),
@ -141,11 +120,12 @@ def main():
            dead_letter_routing_key=dict(default=None, type='str'),
            arguments=dict(default=dict(), type='dict'),
            max_priority=dict(default=None, type='int')
-        ),
-        supports_check_mode=True
+        )
    )
+    module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)

-    url = "http://%s:%s/api/queues/%s/%s" % (
+    url = "%s://%s:%s/api/queues/%s/%s" % (
+        module.params['login_protocol'],
        module.params['login_host'],
        module.params['login_port'],
        urllib_parse.quote(module.params['vhost'], ''),
@ -158,7 +138,8 @@ def main():
    result = dict(changed=False, name=module.params['name'])

    # Check if queue already exists
-    r = requests.get(url, auth=(module.params['login_user'], module.params['login_password']))
+    r = requests.get(url, auth=(module.params['login_user'], module.params['login_password']),
+                     verify=module.params['cacert'], cert=(module.params['cert'], module.params['key']))

    if r.status_code == 200:
        queue_exists = True
@ -244,10 +225,13 @@ def main():
                    "durable": module.params['durable'],
                    "auto_delete": module.params['auto_delete'],
                    "arguments": module.params['arguments']
-                })
+                }),
+                verify=module.params['cacert'],
+                cert=(module.params['cert'], module.params['key'])
            )
        elif module.params['state'] == 'absent':
-            r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password']))
+            r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password']),
+                                verify=module.params['cacert'], cert=(module.params['cert'], module.params['key']))

        # RabbitMQ 3.6.7 changed this response code from 204 to 201
        if r.status_code == 204 or r.status_code == 201:
@ -261,8 +245,10 @@ def main():
            )

    else:
-        result['changed'] = False
-        module.exit_json(**result)
+        module.exit_json(
+            changed=False,
+            name=module.params['name']
+        )


 if __name__ == '__main__':